Re: Testing request: gnutls update for F19
Thank you! Jonathan Calloway Sent from my iPad On Mar 5, 2014, at 2:22 AM, Ed Greshko ed.gres...@greshko.com wrote: On 03/05/14 15:00, Adam Williamson wrote: On Tue, 2014-03-04 at 23:14 -0500, Jonathan Calloway wrote: Can you please provide direction on how to test this, specifically for this bug? Jonathan Calloway Just ensuring it doesn't break any dependent apps would be useful. I don't know offhand how to check the actual vulnerability has been correctly fixed, but as long as the update doesn't actually make anything *worse*, we can't hurt anything by getting it to stable ASAP, and I'm kinda figuring the RH security folks have verified the vulnerability fix already. Besides, maybe telling folks who don't know how to exploit the vulnerability isn't such a good idea? :-) :-) -- Getting tired of non-Fedora discussions and self-serving posts -- test mailing list test@lists.fedoraproject.org To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test -- test mailing list test@lists.fedoraproject.org To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
Re: Testing request: gnutls update for F19
On Wed, 2014-03-05 at 15:22 +0800, Ed Greshko wrote: On 03/05/14 15:00, Adam Williamson wrote: On Tue, 2014-03-04 at 23:14 -0500, Jonathan Calloway wrote: Can you please provide direction on how to test this, specifically for this bug? Jonathan Calloway Just ensuring it doesn't break any dependent apps would be useful. I don't know offhand how to check the actual vulnerability has been correctly fixed, but as long as the update doesn't actually make anything *worse*, we can't hurt anything by getting it to stable ASAP, and I'm kinda figuring the RH security folks have verified the vulnerability fix already. Besides, maybe telling folks who don't know how to exploit the vulnerability isn't such a good idea? :-) :-) That's 'security by obscurity', which is no security at all in the case of a publicly disclosed vulnerability. Trying to obfuscate the issue for some specific sub-culture once a comprehensive public description available is just silly. -- Adam Williamson Fedora QA Community Monkey IRC: adamw | Twitter: AdamW_Fedora | XMPP: adamw AT happyassassin . net http://www.happyassassin.net -- test mailing list test@lists.fedoraproject.org To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
DNF feedback request
Caught this on Planet Fedora today: the DNF devs are asking for feedback on use of the 'yum repo-pkgs' subcommands - they'd like to find out which of them people are actively using. See http://dnf.baseurl.org/2014/03/05/dnf-0-4-17-released/ . -- Adam Williamson Fedora QA Community Monkey IRC: adamw | Twitter: AdamW_Fedora | XMPP: adamw AT happyassassin . net http://www.happyassassin.net -- test mailing list test@lists.fedoraproject.org To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
