On 01. 02. 22 14:25, Pierre-Yves Chibon wrote:
On Tue, Feb 01, 2022 at 01:41:01PM +0100, Miro Hrončok wrote:
On 01. 02. 22 13:37, Fabio Valentini wrote:
Hi Miro,
Thanks for forwarding this announcement.
Apparently the talk about "improving communication between RHBZ and
the Fedora Project"
Jeff Fearn replied to my email, but he only copied the internal
bugzilla-list, because he wanted to include security details and didn't
feel comfortable doing that on a public list. I've selected the most
important parts of his replies and deleted the rest. Please see his
responses below:
On Wed,
On 2/9/22 14:30, Adam Williamson wrote:
> On Wed, 2022-02-09 at 17:44 +, Daniel P. Berrangé wrote:
>>
>> I've not seen this kind of auth dance implemented in any software
>> other than TV streaming apps, and not bugzilla and not any other
>> bug tracker I've come across. So it is not a
On Wed, Feb 09, 2022 at 17:44:35 +,
"Daniel P. Berrangé" wrote:
Using API tokens over username/password is a good thing from a security
POV, but as you say, the process of creating the token and getting it
over to the client is horribly user unfriendly.
That depends on ypur threat
st 9. 2. 2022 o 20:37 Adam Williamson
napísal(a):
> On Wed, 2022-02-09 at 20:27 +0100, Michal Srb wrote:
> > st 9. 2. 2022 o 19:39 Michael Catanzaro
> napísal(a):
> >
> > >
> > > Am I right to suspect that ABRT bug reports are going to disappear for
> > > the foreseeable future?
> > >
> >
> >
On Wed, 2022-02-09 at 20:27 +0100, Michal Srb wrote:
> st 9. 2. 2022 o 19:39 Michael Catanzaro napísal(a):
>
> >
> > Am I right to suspect that ABRT bug reports are going to disappear for
> > the foreseeable future?
> >
>
> Nope, we are working on a fix.
That's great news, but since AFAICT
On Wed, 2022-02-09 at 17:44 +, Daniel P. Berrangé wrote:
>
> I've not seen this kind of auth dance implemented in any software
> other than TV streaming apps, and not bugzilla and not any other
> bug tracker I've come across. So it is not a practical solution
> today, more of a thought
st 9. 2. 2022 o 19:39 Michael Catanzaro napísal(a):
>
> Am I right to suspect that ABRT bug reports are going to disappear for
> the foreseeable future?
>
Nope, we are working on a fix.
Thanks,
Michal
>
> ___
> devel mailing list --
Am I right to suspect that ABRT bug reports are going to disappear for
the foreseeable future?
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct:
On Wed, Feb 09, 2022 at 11:33:24AM +0100, Kamil Paral wrote:
> However, even if Anaconda changes the bug reporting mechanism and asks the
> user to create an API key first, and then provide it to Anaconda, I fear
> that this will have a devastating impact on the number of bug reports that
> we
On Tue, Feb 1, 2022 at 3:30 AM Jeff Fearn wrote:
> Tl;dr From Monday 28th February, applications making API calls to
> Bugzilla may no longer authenticate using passwords or supplying API
> keys in call parameters. Instead, API keys must be supplied in the
> Authorization header.
>
> Support for
On Wed, Feb 9, 2022, 07:44 Mattia Verga via devel <
devel@lists.fedoraproject.org> wrote:
> So, I've updated review-stats container to run on F34 with
> python-bugzilla 3.2.0, but it still authenticate using
> username+password. Is that enough to avoid authentication errors and
> user ban or I
So, I've updated review-stats container to run on F34 with
python-bugzilla 3.2.0, but it still authenticate using
username+password. Is that enough to avoid authentication errors and
user ban or I need to change the authentication method?
Mattia
___
Dne 01. 02. 22 v 12:37 Miro Hrončok napsal(a):
Target Dates:
https://bugzilla.stage.redhat.com - Mon 07th Feb 00:00 UTC
https://bugzilla.redhat.com - Mon 28th Feb 00:00 UTC
This is challenging.
Especially when the support in python-bugzilla landed just few weeks ago. I would really expect
Miro Hrončok wrote:
> From: Jeff Fearn
[…]
> If you attempt to use an old method to authenticate to the API after this
> change has been made, the API_KEY or password supplied will be treated as
> potentially compromised and invalidated immediately. If you supplied your
> password then you will
On 2/1/22 7:37 AM, Fabio Valentini wrote:
> On Tue, Feb 1, 2022 at 12:37 PM Miro Hrončok wrote:
>>
>> Forwarded Message
>> Subject: [Bugzilla-announce-list] Action Required: Bugzilla - API
>> Authentication changes
>> Date: Tue, 1 Feb 2022 1
On Tue, Feb 01, 2022 at 02:25:36PM +0100, Pierre-Yves Chibon wrote:
> On Tue, Feb 01, 2022 at 01:41:01PM +0100, Miro Hrončok wrote:
> > On 01. 02. 22 13:37, Fabio Valentini wrote:
> > > Hi Miro,
> > >
> > > Thanks for forwarding this announcement.
> > > Apparently the talk about "improving
On Tue, Feb 01, 2022 at 01:41:01PM +0100, Miro Hrončok wrote:
> On 01. 02. 22 13:37, Fabio Valentini wrote:
> > Hi Miro,
> >
> > Thanks for forwarding this announcement.
> > Apparently the talk about "improving communication between RHBZ and
> > the Fedora Project" has not born fruit yet. ;)
>
>
Forwarded Message
Subject: [Bugzilla-announce-list] Action Required: Bugzilla - API
Authentication changes
Date: Tue, 1 Feb 2022 12:28:13 +1000
From: Jeff Fearn
To: bugzilla-announce-l...@redhat.com
Tl;dr From Monday 28th February, applications making API calls to Bugzilla
On 01. 02. 22 13:37, Fabio Valentini wrote:
Hi Miro,
Thanks for forwarding this announcement.
Apparently the talk about "improving communication between RHBZ and
the Fedora Project" has not born fruit yet. ;)
Well the announcement was public, I recommend subscribing to
On Tue, Feb 1, 2022 at 12:37 PM Miro Hrončok wrote:
>
> Forwarded Message
> Subject: [Bugzilla-announce-list] Action Required: Bugzilla - API
> Authentication changes
> Date: Tue, 1 Feb 2022 12:28:13 +1000
> From: Jeff Fearn
> To: bugzilla-announce-l...
Forwarded Message
Subject: [Bugzilla-announce-list] Action Required: Bugzilla - API
Authentication changes
Date: Tue, 1 Feb 2022 12:28:13 +1000
From: Jeff Fearn
To: bugzilla-announce-l...@redhat.com
Tl;dr From Monday 28th February, applications making API calls to Bugzilla
22 matches
Mail list logo