06.04.2012 19:43, Michael Schwendt написал:
On Fri, 6 Apr 2012 16:57:14 +0200, CF (Christophe) wrote:
On Fri, Apr 06, 2012 at 07:27:31AM -0600, Orion Poplawski wrote:
Suggestions? I'm tempted to pushed this to stable so that broken
deps emails start going out to get people to do the needed rebuilds.
Or perhaps someone in releng can for the needed buildroot overrides?
Or perhaps we drop the whole endeavor?
I'd lean towards this, why do we need to push a soname bump of ImageMagick
so late in the game when f17 is already in beta? If there's a critical bug
in the f17 package, isn't it possible to backport the fix instead of
forcing these rebuilds?
There are several CVEs. As whether the fixes for them could be backported,
well, somebody would need to investigate and do it.
Yes, indeed.
There several security issues found
https://bugzilla.redhat.com/show_bug.cgi?id=807994,
https://bugzilla.redhat.com/show_bug.cgi?id=807997,
https://bugzilla.redhat.com/show_bug.cgi?id=807993,
https://bugzilla.redhat.com/show_bug.cgi?id=808159,
https://bugzilla.redhat.com/show_bug.cgi?id=804591,
https://bugzilla.redhat.com/show_bug.cgi?id=804588,
https://bugzilla.redhat.com/show_bug.cgi?id=808159
I have contacted with upstream author to clarify when it will be fixed
in main tree. As I'll got answer I'll post update in rawhide asap.
Really it have worth have that in stable branches also (but it is not in
my rights now, so I must try find someone with at least with
provenpackager acl who want help). So have .so.5 in F17 is good idea -
in this case may be needed rebuild only dependencies explicitly depends
by ImageMagick version (ruby-RMagick for example), and I think I'll can
do that with contact of maintainers of that's packages.
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
