Greetings,
My Name is Niranjan, I am QE Engineer with Red Hat Certificate Services team, I would like to try and see if i can be of any help to the team.
I would like to work on the below bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=884831 https://bugzilla.redhat.com/show_bug.cgi?id=869570
Regards, Niranjan
Hi All,
Just wanted to drop a quick intro and say hi. I currently work as a Linux admin and have very recently started helping as a package maintainer.
I have grabbed:
https://bugzilla.redhat.com/show_bug.cgi?id=890907
Initial research shows that the moin el5 package (1.5.9-1) has been orphaned and is far behind what we have in fedora (1.9.7-3).
Would the first step be to see if vpv (moin fedora package maintainer) would be willing to submit the current fedora package for epel?
TIA
JT
On Fri, 1 Aug 2014 13:52:44 +0000 Jason Taylor wrote:
https://bugzilla.redhat.com/show_bug.cgi?id=890907
Initial research shows that the moin el5 package (1.5.9-1) has been orphaned and is far behind what we have in fedora (1.9.7-3).
Would the first step be to see if vpv (moin fedora package maintainer) would be willing to submit the current fedora package for epel?
Fedora maintainer may at least be able to hint if recent packages are compatible with the version in EPEL, i.e. if they can be offered as upgrade to users without breaking their existing installations.
There are few components in EPEL that are already provided in multiple versions, older one probably unmaitained - mediawiki and mediawiki119, Django14 and python-django15, phpMyAdmin and phpMyAdmin3.
Niranjan wrote:
Greetings,
My Name is Niranjan, I am QE Engineer with Red Hat Certificate Services team, I would like to try and see if i can be of any help to the team.
I would like to work on the below bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=884831 https://bugzilla.redhat.com/show_bug.cgi?id=869570
I am trying to reproduce the vulnerability on the affected version , To see if it's actually vulnerable.
Will report the results back to the team soon.
Regards, Niranjan
security-team mailing list security-team@lists.fedoraproject.org https://lists.fedoraproject.org/mailman/listinfo/security-team
On Fri, 1 Aug 2014 13:54:28 +0530 Niranjan wrote:
My Name is Niranjan, I am QE Engineer with Red Hat Certificate Services team, I would like to try and see if i can be of any help to the team.
I would like to work on the below bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=884831 https://bugzilla.redhat.com/show_bug.cgi?id=869570
A help form anyone who is already familiar with the code base of a specific affected component, or is familiar enough with it to be able to test applied fix, is definitely welcome.
Tomas Hoger wrote:
On Fri, 1 Aug 2014 13:54:28 +0530 Niranjan wrote:
My Name is Niranjan, I am QE Engineer with Red Hat Certificate Services team, I would like to try and see if i can be of any help to the team.
I would like to work on the below bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=884831 https://bugzilla.redhat.com/show_bug.cgi?id=869570
A help form anyone who is already familiar with the code base of a specific affected component, or is familiar enough with it to be able to test applied fix, is definitely welcome.
I am trying to ascertain if the package is indeed vulnerable to CVE's mentioned in the BZ, I will post my updates to the list.
Where i am currently:
Have installed pki-ca, pki-kra, pki-tks, pki-tps and configured to verify if the CVE's are applicable. Currently there are some issues to access the TPS admin interface, If this issue turns out to be a bug, then CVE's may not be applicable (because to take advantage of the vulnerability one has to login to tps admin interface.) , I have mailed package maintainer for further help in this regard.
I will post the updates on this.
If any body else have any more pointers on this. Do let me know
Regards Niranjan
-- Tomas Hoger / Red Hat Product Security _______________________________________________ security-team mailing list security-team@lists.fedoraproject.org https://lists.fedoraproject.org/mailman/listinfo/security-team
security-team@lists.fedoraproject.org