Re: [Ganglia-developers] [Ganglia-general] [SECURITY] [IMPORTANT] Security issue in Ganglia Web
On Thu, Aug 02, 2012 at 09:35:47PM +, Daniel Pocock wrote: I remember that logic - but that doesn't really reflect what the distributions do Just backporting/cherry-picking the most essential security fixes to an old branch shouldn't be a big pain though I believe Kostas has already pushed out patches for 3.1.7 to Fedora/EPEL so in terms of distributed binary packages I guess we should be fine? Debian 6 also has 3.1.x - when this was mentioned before, I thought Kostas was updating the 3.1 branch and then the Debian and Fedora packages could all be built from the same tarball Kostas, could you possibly commit what you did onto the 3.1 branch and then I'll release a tarball? As you noticed there are no branches (or tags) for old releases :( If we can ressurect them I'll be happy to push the fixes. Kostas -- Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ ___ Ganglia-developers mailing list Ganglia-developers@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ganglia-developers
Re: [Ganglia-developers] git repo status
On 2012-08-02 17:41, Daniel Pocock wrote: b) we don't have the old branches (at least I can't see them) This in principle is the least disruptive to fix. The svn repos tag revisions can be matched with the right commits in the git repo on github, and then tagged after the fact. Ideally this would be done with whatever mechanism did the original import so the exact commit hashes line up. Maybe it's a long shot, but maybe it is possible to extract from SVN again, rebase all the new work on top of it, and push that up to github? I believe scripts exist for amending the authors Either approach is equivalent to rebasing a public branch has the same impact to everyone using the repository. Rebasing is about as traumatic as a move from svn -- git. git-filter-branch is the nice wrapper for renaming authors or otherwise editing commit meta-data. -- Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ ___ Ganglia-developers mailing list Ganglia-developers@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ganglia-developers