Re: [Yum-devel] Is YUM really a secure package manager ?

2009-09-22 Thread Seth Vidal
On Tue, 22 Sep 2009, Seth Vidal wrote: Out of curiosity - how does firefox deal with this? Not all sites send a content-length header. Especially ftp-based sites. I can see some fixes for it that wouldn't be too hard - I'm just not sure it is a serious issue. It's a pretty convoluted wa

Re: [Yum-devel] [PATCH] Use basic string matching/replacing instead of regexps where appropriate.

2009-09-22 Thread Ville Skyttä
On Tuesday 22 September 2009, James Antill wrote: > On Tue, 2009-09-22 at 23:04 +0300, Ville Skyttä wrote: > > +return 'bin/' in filename or filename.startswith('/etc/') or \ > > +filename == '/usr/lib/sendmail' > > Could you do these as: > > if 'bin/' in filename: > return True

Re: [Yum-devel] [PATCH] Use basic string matching/replacing instead of regexps where appropriate.

2009-09-22 Thread James Antill
On Tue, 2009-09-22 at 23:04 +0300, Ville Skyttä wrote: > +return 'bin/' in filename or filename.startswith('/etc/') or \ > +filename == '/usr/lib/sendmail' Could you do these as: if 'bin/' in filename: return True if filename.startswith('/etc/'): return True if filename == '
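Review bot: `'bin/' in filename` in the first added line is an unanchored substring test, so it is true for any path that has a component ending in `bin` followed by a slash, wherever that sits in the path; a short comment saying this is the intended match, and that it is the same set of paths the replaced regexp accepted, would help the next reader. The backslash continuation can also be dropped by wrapping the whole expression in parentheses.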

[Yum-devel] [PATCH] Use basic string matching/replacing instead of regexps where appropriate.

2009-09-22 Thread Ville Skyttä
Hello, The attached patch switches to using basic string matching/replacing instead of using regexps where appropriate. It's somewhat faster that way, and often quite a bit more readable. From 924c43653fc8fbc838f359beea7879583a13 Mon Sep 17 00:00:00 2001 From: =?utf-8?q?Ville=20Skytt=C3=A4

Re: [Yum-devel] [PATCH] Don't traceback on TS_FAILED txmbrs coming out of the transaction

2009-09-22 Thread James Antill
On Tue, 2009-09-22 at 18:34 +0200, Tim Lauridsen wrote: > On 09/22/2009 05:47 PM, James Antill wrote: > > +assert state is not None > > > Why this one ? Because that function (trans_data_pid_beg) is only called before the transaction runs, and txmbr's shouldn't be added to the transac

Re: [Yum-devel] [PATCH] Don't traceback on TS_FAILED txmbrs coming out of the transaction

2009-09-22 Thread Tim Lauridsen
On 09/22/2009 05:47 PM, James Antill wrote: +assert state is not None Why this one ? Tim ___ Yum-devel mailing list Yum-devel@lists.baseurl.org http://lists.baseurl.org/mailman/listinfo/yum-devel

Re: [Yum-devel] yum 3.2.24-5 now aborts on some extra RPM errors?

2009-09-22 Thread Richard W.M. Jones
On Tue, Sep 22, 2009 at 11:48:52AM -0400, James Antill wrote: > Wow ... can you test the attached patch. Yes, I have verified that does fix the problem, thanks. Rich. -- Richard Jones, Emerging Technologies, Red Hat http://et.redhat.com/~rjones libguestfs lets you edit virtual machines. Supp

Re: [Yum-devel] Is YUM really a secure package manager ?

2009-09-22 Thread James Antill
On Tue, 2009-09-22 at 07:56 -0700, Akshay Wattal wrote: > Hi, > > I do agree on using signed repository metadata by YUM, but does it prevent > the "freeze attack" in which the version of the packages can be > compromised for example showing version 1.1 again and again even if newer > versio

Re: [Yum-devel] Is YUM really a secure package manager ?

2009-09-22 Thread Seth Vidal
On Tue, 22 Sep 2009, Akshay Wattal wrote: Hi, I do agree on using signed repository metadata by YUM, but does it prevent the "freeze attack" in which the version of the packages can be compromised for example showing version 1.1 again and again even if newer version is present This i

Re: [Yum-devel] yum 3.2.24-5 now aborts on some extra RPM errors?

2009-09-22 Thread James Antill
On Tue, 2009-09-22 at 16:25 +0100, Richard W.M. Jones wrote: > Previously (yum 3.2.24-4) yum ignored the case where some package > fails to unpack, as in here: > > Installing : filesystem-2.4.30-2.fc12.x86_64 > 3/132 > Error unpacking rpm package filesystem-2.4.30-2.

[Yum-devel] [PATCH] Don't traceback on TS_FAILED txmbrs coming out of the transaction

2009-09-22 Thread James Antill
--- yum/history.py | 11 --- 1 files changed, 8 insertions(+), 3 deletions(-) diff --git a/yum/history.py b/yum/history.py index 9741d36..ea3a464 100644 --- a/yum/history.py +++ b/yum/history.py @@ -30,6 +30,9 @@ from yum.packages import YumInstalledPackage, YumAvailablePackage, Packag

Re: [Yum-devel] [PATCH] Fix "yum install '[x/y]bin/zsh'". Also makes the code neater.

2009-09-22 Thread Seth Vidal
On Tue, 22 Sep 2009, James Antill wrote: Because we need matching [], we can't just do a re_glob() of the first char anymore. So we create a new re_filename() function. This is also clever enough that it doesn't match "[xy]bin/zsh", however negated character classes and character class ranges

[Yum-devel] [PATCH] Fix "yum install '[x/y]bin/zsh'". Also makes the code neater.

2009-09-22 Thread James Antill
Because we need matching [], we can't just do a re_glob() of the first char anymore. So we create a new re_filename() function. This is also clever enough that it doesn't match "[xy]bin/zsh", however negated character classes and character class ranges are on their own (don't do that). Also add

Re: [Yum-devel] yum 3.2.24-5 now aborts on some extra RPM errors?

2009-09-22 Thread Seth Vidal
On Tue, 22 Sep 2009, Richard W.M. Jones wrote: Previously (yum 3.2.24-4) yum ignored the case where some package fails to unpack, as in here: Installing : filesystem-2.4.30-2.fc12.x86_64 3/132 Error unpacking rpm package filesystem-2.4.30-2.fc12.x86_64 error: unpac

[Yum-devel] yum 3.2.24-5 now aborts on some extra RPM errors?

2009-09-22 Thread Richard W.M. Jones
Previously (yum 3.2.24-4) yum ignored the case where some package fails to unpack, as in here: Installing : filesystem-2.4.30-2.fc12.x86_64 3/132 Error unpacking rpm package filesystem-2.4.30-2.fc12.x86_64 error: unpacking of archive failed on file /proc: cpio: utime

Re: [Yum-devel] Is YUM really a secure package manager ?

2009-09-22 Thread Akshay Wattal
Hi, I do agree on using signed repository metadata by YUM, but does it prevent the "freeze attack" in which the version of the packages can be compromised for example showing version 1.1 again and again even if newer version is present Also what about Endless Data Attack in which the m