Re: Fedora Linux 38 blocker status summary

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, 3 Mar 2023 at 15:56, Ben Cotton <bcotton@xxxxxxxxxx> wrote:
The current target release date is the early target date (2023-03-14).
The Go/No-Go meeting will be Thursday!

Action summary
====================

Accepted blockers
-----------------

1. distribution — Workstation boot x86_64 image exceeds maximum size — POST
ACTION: gdb maintainers to remove the 'Recommends' for gcc-gdb-plugin from gdb

2. crypto-policies —  Insecure installed RPMs (like Google Chrome)
prevent system updates in F38, can't be removed  — NEW
ACTION: Upstream to implement MR #129


2. crypto-policies — https://bugzilla.redhat.com/show_bug.cgi?id=2170878 — NEW
Insecure installed RPMs (like Google Chrome) prevent system updates in
F38, can't be removed

Some third-party repos (including Google Chrome) that sign packages
with SHA-1 cannot be uninstalled, which breaks upgrades. This was
designated a blocker by FESCo. Work is in progress upstream to allow
RPM to permit SHA-1 in the default policy while third-party repos
update to a supported hash function:
https://gitlab.com/redhat-crypto/fedora-crypto-policies/-/merge_requests/129

I think the issue is 'larger' than SHA-1. Google Chrome and some other 3rd party software seem to be signed with keys which are both SHA1 and DSA keys. Either one of these would cause the problem with not being able to update/uninstall/etc and since one is a checksum and the other is an encryption type need possibly different solutions. 
 
--
Stephen Smoogen, Red Hat Automotive
Let us be kind to one another, for most of us are fighting a hard battle. -- Ian MacClaren
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux