Re: [blfs-dev] What's left for the 9.0 release?
On 30/08/2019 17:44, Xi Ruoyao via blfs-dev wrote: > On 2019-08-30 10:24 -0500, Douglas R. Reno wrote: >> On 2019-08-30 10:22, Xi Ruoyao via blfs-dev wrote: >>> On 2019-08-30 09:20 -0500, Bruce Dubbs via blfs-dev wrote: All packages have now been tagged and all tickets closed for the 9.0 release. What other things are remaining that we need to address before the Sunday release? -- Bruce >>> >>> It seems #12448 and #12459 contain various security fixes. Should we >>> backport >>> them to 9.0? >>> -- >>> Xi Ruoyao >>> School of Aerospace Science and Technology, Xidian University >> >> #12456 (Ruby) has a fix for two vulnerabilities - one from 2012 and one >> from 2015. The problem with backporting updates is that I believe that >> everything that links to them has to be retested. That being said >> though, I'd give a +1 to backporting them. > > I'll try a full jhalfs build to verify 9.0 tomorrow. I hope I can use jhalfs > correctly and my 16-core workstation will work fine. But I can't guarantee > any > success. > If you need anything, please tell me. I think a full blfs can be built by editing at most 30 scripts, most notably: - PAM (choose which "system-password" file) - openldap (choose between server and client) - mariadb and posgresql (add a sleep 1 after starting the daemon, and some config files for mariadb) - kerberos (the config needs to be done manually) - aspell (choose a dictionary) - sendmail, postfix, and exim (choose one, and verify config files) - openssh (needs manual intervention for generating key and sending it to remote) - rust (the instructions for creating /opt/rust are wrongly wrapped into porg instructions, if you use porg) - bind, bind-utils, and unbound (choose one, and verify config files) - cups, and some other packages, may have instructions like gtk-update-icon-cache or update-desktop-database before the corresponding program is installed. - java binary (choose 32/64 bits) - openjdk (unset MAKEFLAGS) - gtk2 (check config) - dhcp, dhcpcd (choose one, and check config) - tripwire - almost all the packages that install bootscripts which need some configuration in /etc/sysconfig (ftp programs, DM, and DE, network interfaces, etc) - package using tex (need to add the directory of tex binaries to PATH when running sudo, not sure it is needed anymore, but I do it :) - mozilla packages (edit config) - the environment scripts (xorg-env, kf5-intro) - kf5-frameworks and plasma (remove bash -e and exit, since they break scripts), and also edit some /opt settings. Also, it is usually necessary to rebuild poppler after qt5 (if built before), otherwise okular does not compile. Pierre -- http://lists.linuxfromscratch.org/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
Re: [blfs-dev] What's left for the 9.0 release?
On 2019-08-30 11:10, Bruce Dubbs via blfs-dev wrote: On 8/30/19 10:24 AM, Douglas R. Reno via blfs-dev wrote: On 2019-08-30 10:22, Xi Ruoyao via blfs-dev wrote: On 2019-08-30 09:20 -0500, Bruce Dubbs via blfs-dev wrote: All packages have now been tagged and all tickets closed for the 9.0 release. What other things are remaining that we need to address before the Sunday release? It seems #12448 and #12459 contain various security fixes. Should we backport them to 9.0? #12456 (Ruby) has a fix for two vulnerabilities - one from 2012 and one from 2015. The problem with backporting updates is that I believe that everything that links to them has to be retested. That being said though, I'd give a +1 to backporting them. Webkit has gnome/applications/evolution.xml gnome/platform/yelp.xml gnome/platform/gnome-online-accounts.xml gnome/platform/zenity.xml xsoft/graphweb/epiphany.xml xsoft/other/balsa.xml Ruby has: server/databases/mariadb.xml x/lib/webkitgtk.xml postlfs/editors/vim.xml xincludes/texruntime.xml general/graphlib/gegl.xml general/prog/subversion.xml general/genutils/graphviz.xml pst/xml/docbook-xsl.xml libgcrypt has: networking/netprogs/samba.xml networking/netutils/wireshark.xml x/lib/gtk-vnc.xml x/installing/mesa.xml x/installing/xorg-server.xml x/dm/lightdm.xml postlfs/virtualization/qemu.xml postlfs/security/cryptsetup.xml postlfs/security/gnupg2.xml multimedia/libdriv/gst10-plugins-bad.xml multimedia/videoutils/vlc.xml kde/kf5/kf5-frameworks.xml gnome/applications/vino.xml gnome/platform/gcr.xml gnome/platform/totem-pl-parser.xml gnome/platform/gvfs.xml gnome/platform/libsecret.xml general/sysutils/accountsservice.xml general/sysutils/systemd.xml general/sysutils/rasqal.xml general/genlib/libxslt.xml general/genlib/qca.xml general/genlib/libssh2.xml xsoft/office/abiword.xml xsoft/other/tigervnc.xml xsoft/other/pidgin.xml Do we have any volunteers? The alternative is to update after release and publish notification in the errata. I'll note that we get these types of security updates continuously thoughout the year. webkit and firefox seem to get them quite often. -- Bruce I was going to take the day off, but I can handle it. I have all of those built anyway. I'll have 'em in by later tonight or tomorrow morning. I'll start in around an hour and fetch the three tickets. I'm going to do ruby first, then WebKitGTK+, and then libgcrypt. Going for libgcrypt last because it has the most to reverify. -- http://lists.linuxfromscratch.org/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
Re: [blfs-dev] What's left for the 9.0 release?
On 8/30/19 10:24 AM, Douglas R. Reno via blfs-dev wrote: On 2019-08-30 10:22, Xi Ruoyao via blfs-dev wrote: On 2019-08-30 09:20 -0500, Bruce Dubbs via blfs-dev wrote: All packages have now been tagged and all tickets closed for the 9.0 release. What other things are remaining that we need to address before the Sunday release? It seems #12448 and #12459 contain various security fixes. Should we backport them to 9.0? #12456 (Ruby) has a fix for two vulnerabilities - one from 2012 and one from 2015. The problem with backporting updates is that I believe that everything that links to them has to be retested. That being said though, I'd give a +1 to backporting them. Webkit has gnome/applications/evolution.xml gnome/platform/yelp.xml gnome/platform/gnome-online-accounts.xml gnome/platform/zenity.xml xsoft/graphweb/epiphany.xml xsoft/other/balsa.xml Ruby has: server/databases/mariadb.xml x/lib/webkitgtk.xml postlfs/editors/vim.xml xincludes/texruntime.xml general/graphlib/gegl.xml general/prog/subversion.xml general/genutils/graphviz.xml pst/xml/docbook-xsl.xml libgcrypt has: networking/netprogs/samba.xml networking/netutils/wireshark.xml x/lib/gtk-vnc.xml x/installing/mesa.xml x/installing/xorg-server.xml x/dm/lightdm.xml postlfs/virtualization/qemu.xml postlfs/security/cryptsetup.xml postlfs/security/gnupg2.xml multimedia/libdriv/gst10-plugins-bad.xml multimedia/videoutils/vlc.xml kde/kf5/kf5-frameworks.xml gnome/applications/vino.xml gnome/platform/gcr.xml gnome/platform/totem-pl-parser.xml gnome/platform/gvfs.xml gnome/platform/libsecret.xml general/sysutils/accountsservice.xml general/sysutils/systemd.xml general/sysutils/rasqal.xml general/genlib/libxslt.xml general/genlib/qca.xml general/genlib/libssh2.xml xsoft/office/abiword.xml xsoft/other/tigervnc.xml xsoft/other/pidgin.xml Do we have any volunteers? The alternative is to update after release and publish notification in the errata. I'll note that we get these types of security updates continuously thoughout the year. webkit and firefox seem to get them quite often. -- Bruce -- http://lists.linuxfromscratch.org/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
Re: [blfs-dev] What's left for the 9.0 release?
On 2019-08-30 23:44 +0800, Xi Ruoyao wrote: > On 2019-08-30 10:24 -0500, Douglas R. Reno wrote: > > On 2019-08-30 10:22, Xi Ruoyao via blfs-dev wrote: > > > On 2019-08-30 09:20 -0500, Bruce Dubbs via blfs-dev wrote: > > > > All packages have now been tagged and all tickets closed for the 9.0 > > > > release. What other things are remaining that we need to address > > > > before > > > > the Sunday release? > > > > > > > >-- Bruce > > > > > > It seems #12448 and #12459 contain various security fixes. Should we > > > backport > > > them to 9.0? > > > -- > > > Xi Ruoyao > > > School of Aerospace Science and Technology, Xidian University > > > > #12456 (Ruby) has a fix for two vulnerabilities - one from 2012 and one > > from 2015. The problem with backporting updates is that I believe that > > everything that links to them has to be retested. That being said > > though, I'd give a +1 to backporting them. > > I'll try a full jhalfs build to verify 9.0 tomorrow. I hope I can use jhalfs > correctly and my 16-core workstation will work fine. But I can't guarantee > any > success. > > And volume-key can be built with Python 3 now. It should be OK to move the P2 > dependency to optional (for Python 2 binding). Should it be done in 9.0 or > 9.1? Sorry not volume-key but I can't recall which one now... I built "that" package a week ago I think. Defer it to 9.1. -- Xi Ruoyao School of Aerospace Science and Technology, Xidian University -- http://lists.linuxfromscratch.org/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
Re: [blfs-dev] What's left for the 9.0 release?
On 2019-08-30 10:24 -0500, Douglas R. Reno wrote: > On 2019-08-30 10:22, Xi Ruoyao via blfs-dev wrote: > > On 2019-08-30 09:20 -0500, Bruce Dubbs via blfs-dev wrote: > > > All packages have now been tagged and all tickets closed for the 9.0 > > > release. What other things are remaining that we need to address > > > before > > > the Sunday release? > > > > > >-- Bruce > > > > It seems #12448 and #12459 contain various security fixes. Should we > > backport > > them to 9.0? > > -- > > Xi Ruoyao > > School of Aerospace Science and Technology, Xidian University > > #12456 (Ruby) has a fix for two vulnerabilities - one from 2012 and one > from 2015. The problem with backporting updates is that I believe that > everything that links to them has to be retested. That being said > though, I'd give a +1 to backporting them. I'll try a full jhalfs build to verify 9.0 tomorrow. I hope I can use jhalfs correctly and my 16-core workstation will work fine. But I can't guarantee any success. And volume-key can be built with Python 3 now. It should be OK to move the P2 dependency to optional (for Python 2 binding). Should it be done in 9.0 or 9.1? -- Xi Ruoyao School of Aerospace Science and Technology, Xidian University -- http://lists.linuxfromscratch.org/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
Re: [blfs-dev] What's left for the 9.0 release?
On 2019-08-30 10:22, Xi Ruoyao via blfs-dev wrote: On 2019-08-30 09:20 -0500, Bruce Dubbs via blfs-dev wrote: All packages have now been tagged and all tickets closed for the 9.0 release. What other things are remaining that we need to address before the Sunday release? -- Bruce It seems #12448 and #12459 contain various security fixes. Should we backport them to 9.0? -- Xi Ruoyao School of Aerospace Science and Technology, Xidian University #12456 (Ruby) has a fix for two vulnerabilities - one from 2012 and one from 2015. The problem with backporting updates is that I believe that everything that links to them has to be retested. That being said though, I'd give a +1 to backporting them. -- http://lists.linuxfromscratch.org/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
Re: [blfs-dev] What's left for the 9.0 release?
On 2019-08-30 09:20 -0500, Bruce Dubbs via blfs-dev wrote: > All packages have now been tagged and all tickets closed for the 9.0 > release. What other things are remaining that we need to address before > the Sunday release? > >-- Bruce It seems #12448 and #12459 contain various security fixes. Should we backport them to 9.0? -- Xi Ruoyao School of Aerospace Science and Technology, Xidian University -- http://lists.linuxfromscratch.org/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
Re: [blfs-dev] What's left for the 9.0 release?
On 2019-08-30 09:20, Bruce Dubbs via blfs-dev wrote: All packages have now been tagged and all tickets closed for the 9.0 release. What other things are remaining that we need to address before the Sunday release? -- Bruce There are a few things that I'd like to suggest (my apologies for the text wrapping if it comes out wrong, using the webmail interface since I'm at a Windows machine). One thing that I'd like to see addressed is the installation of systemd units in xfce4-notifyd and Thunar. That should most certainly be fixed before release. -- http://lists.linuxfromscratch.org/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
[blfs-dev] What's left for the 9.0 release?
All packages have now been tagged and all tickets closed for the 9.0 release. What other things are remaining that we need to address before the Sunday release? -- Bruce -- http://lists.linuxfromscratch.org/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page