[EPEL-devel] EPEL-ANNOUNCE Major update of libhtp in EPEL6
Mathieu Bridon
bochecha at fedoraproject.org
Fri Dec 12 23:31:23 UTC 2014
Hi,
tl;dr: I just submitted a major update of libhtp to EPEL6 testing,
testing and feedback are more than welcome:
https://admin.fedoraproject.org/updates/libhtp-0.5.16-1.el6
-----
A security bug has been opened today against libhtp in EPEL6:
https://bugzilla.redhat.com/show_bug.cgi?id=1173610
The bug is fixed in the latest upstream release (0.5.16), but EPEL6
still was using the (very old) 0.3.0.
Preferring not to break libhtp users in EPEL6, I first tried to just
backport the patch for the security issue.
Then I realized that the EPEL6 package wasn't running the unit tests in
%check, so I figured I'd add them, to be a bit more confident in my
backported fix.
This broke the build on PPC64. It seems that libhtp 0.3.0 never actually
worked on PPC64 in EPEL6.
Backporting a simple security fix is one thing, but making the library
work on PPC64 is more than I'm able to do for libhtp on EPEL6 these
days.
As a result, I decided to instead try pushing the update to the latest
and greatest, as it both fixes the security issue and works on PPC64:
https://admin.fedoraproject.org/updates/libhtp-0.5.16-1.el6
It seems nothing requires libhtp in EPEL6, but I thought I'd still send
an announcement about the bump, for people building their own stuff
against it.
If it really causes too much problem to upgrade it, then I'll welcome
any help to find another solution.
Sorry for the trouble,
--
Mathieu
_______________________________________________
epel-announce mailing list
epel-announce at lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/epel-announce
More information about the epel-devel
mailing list