#mageia-qa log

19:06:55 <MrsB> #startmeeting
19:06:55 <Inigo_Montoya> Meeting started Thu Apr 10 19:06:55 2014 UTC.  The chair is MrsB. Information about MeetBot at http://wiki.debian.org/MeetBot.
19:06:55 <Inigo_Montoya> Useful Commands: #action #agreed #help #info #idea #link #topic.
19:07:17 <MrsB> Hi everybody
19:07:20 <rindolf> MrsB: hi.
19:07:25 <Kernewes> MrsB: hi MrsB
19:07:30 <wilcal> Hi all
19:07:38 <MrsB> Welcome to another meeting :)
19:07:46 <MrsB> #chair wilcal
19:07:46 <Inigo_Montoya> Current chairs: MrsB wilcal
19:07:56 <MrsB> It looks like Dave won't be joining us tonight
19:08:01 <wilcal> Yippeee I'll try to behave myself
19:08:16 <MrsB> he's been having halth problems and sleeping alot
19:08:35 <MrsB> #topic Who's new?
19:08:52 <MrsB> Is there anybody new here tonight?
19:09:00 * Kernewes prays that there is
19:09:07 <lewyssmith> Why?
19:09:08 <sebsebseb> hi
19:09:18 <Kernewes> lewyssmith: we need more team members
19:09:18 <MrsB> hi sebsebseb  you're not new
19:09:19 * sebsebseb is bran new :d
19:09:28 <lewyssmith> Kernewes: True...
19:09:57 <MrsB> looks like nobody today
19:10:02 <sebsebseb> no  don't be followed raingazer  isn't new either,  just his name it eems
19:10:07 <lewyssmith> That makes the 3rd Gazer.
19:10:07 <sebsebseb> fooled above
19:10:20 <diogenese> He's a legion.
19:10:38 <Kernewes> we need an updategazer
19:10:38 <MrsB> #topic Heartbleed
19:10:39 <raingazer> muhahaha   ;-)
19:10:52 <MrsB> wilcal: you wanted to talk about this didn't you
19:11:05 <lewyssmith> He did.
19:11:19 <wilcal> Should we talk about this now or during Luigi's section
19:11:23 <MrsB> caught him with nothing to paste :D
19:11:39 <MrsB> we can do both
19:11:48 <wilcal> OK the political now
19:12:00 <wilcal> It's all over the news here and "Linux" is taking a hit
19:12:22 <lewyssmith> A friend from Canada sent me links about it.
19:12:35 <wilcal> One newscast listed all the major linux distros and I was holding my breath waiting for them to meniton Mageia
19:12:40 <wilcal> they did not
19:12:44 <sebsebseb> yes I saw your emai to QA discus about that wilcal
19:12:50 <sebsebseb> BBC uhmm
19:12:53 <sebsebseb> I read a aritcle where
19:13:03 <wilcal> "90%" of the Internet has been compromised
19:13:15 <sebsebseb> they are saying to re set passwords, but then it also uhmm  mentioned how  the Rassbery Pi generation could  do stuff
19:13:16 <raingazer> Mageia were quick to get the update out and it's fixed
19:13:30 <wilcal> I
19:13:31 <wilcal> I see doktor5000 is thrashing around in the forums about this exploit. I think Mageia needs to generate
19:13:33 <wilcal> an easily understood paragraph about how Mageia is effected or not and/or how to midigate it all.
19:13:47 <sebsebseb> and  it's like  oh maybe shoudn't  just g and re st passwords, but it' a goo idea jut re set if tol by  th companies,  an Yahoo had issues.  oh and  if re setting the passwor on a service that isn't fix, I guess that may not do much good then
19:13:53 <MrsB> you mean a blog post?
19:14:00 <sebsebseb> are we all meant to re et all our passwords or not by the way?  for everything
19:14:01 <wilcal> Something on www.mageia.org that doktor5000 can refer to
19:14:10 <wilcal> Something very simple
19:14:28 <MrsB> Why not put something together and email it to council
19:14:47 <sebsebseb> BBC think the Rassbery Pi genration will exploit the  issue
19:14:49 <raingazer> this link gives a good overview => http://news.netcraft.com/archives/2014/04/08/half-a-million-widely-trusted-websites-vulnerable-to-heartbleed-bug.html
19:14:50 <[mbot> [ Half a million widely trusted websites vulnerable to Heartbleed bug | Netcraft ]
19:14:52 <wilcal> Best it come first from Luigi then we can refine it
19:14:57 <sebsebseb> or so it seems going by whta  I read before
19:15:09 <wilcal> Lots of referencs on the net
19:15:15 <lewyssmith> What I read about it, it had *not* actually been exploited. It will be now.
19:15:17 <wilcal> Nothing that is Mageia specific
19:15:29 <raingazer> "Certificates and keys at risk of compromise should be revoked and replaced, particularly if they are used to protect sensitive data."
19:15:43 <wilcal> But the news media is exploiting it to "sell newspapers"\
19:16:15 <MrsB> so you're wanitng to volunteer David to write something?
19:16:30 <sebsebseb> ok, but are the email passwords etc meant to rally get re set, because of that?
19:16:53 <wilcal> Someone who intimately understands our security on Mageia and OpenSSL
19:17:24 <wilcal> Simple statements like "If your not running a server it does not effect you"
19:17:32 <MrsB> There is plenty of info out there, I don't think we need to hype it more than it has been.
19:17:53 <sebsebseb> wilcal: iff not running a server it does not effect, really?
19:18:07 <sebsebseb> apparnatly all or pretty much paswords meant to get re set tough, email etc etc
19:18:08 <wilcal> Low on hype, Mageia updates mitigate the risk
19:18:49 <MrsB> Ok, let's ask Luigi then and if he's too busy maybe raingazer would do something for us :)
19:19:06 <MrsB> or if not the treegazer or wikigazer might
19:19:11 <wilcal> If your not running a OpenSSL server Heartbleed can't reach into to Mageia workstation
19:19:47 <raingazer> as far as I can tell, wiki.mageia.org and forums.mageia.org are not vulnerable
19:19:58 <wilcal> Heartbleed & Mageia for dummies paragraph
19:20:11 <raingazer> but, I do not know if the certificates have been replaced
19:20:50 <Luigi12_work> from what I understand, the impact isn't limited to servers, those are just the most-at-risk so the first priority was to get them patched
19:21:09 <Luigi12_work> but malicious servers can steal 64k of memory from clients too, pretty much anything using openssl 1.0.1 is affected
19:21:09 <wilcal> Thanks Luigi
19:21:32 <Luigi12_work> I wouldn't call myself a security expert though, so I only know what I've read
19:21:36 <wilcal> Latest OpenSSL here is 1.01e I think
19:21:58 <wilcal> One news report today said you had to have 1.01g to be safe
19:22:01 <raingazer> and, it's not just webservers on 443, it's any server using OpenSSL (for example, some IRC servers have encrypted channels that use it)
19:22:02 <Luigi12_work> the letter isn't important
19:22:06 <MrsB> it was patched to fix it
19:22:07 <Luigi12_work> it's just a matter of what patches your build has
19:22:19 <Luigi12_work> our update has the appropriate fix
19:22:29 <sebsebseb> Luigi12_work: wilcal thinks your a security expert
19:22:32 <Luigi12_work> raingazer: yes that's also true
19:22:38 <Luigi12_work> sebsebseb: yes I noticed that, sorry to disappoint
19:22:59 <wilcal> Maybe just a simple statement that an up-to-date Mageia 3/4 system is safe
19:23:11 <MrsB> openvpn is also affected, along with many other things which use openssl. It's not restricted to web servers
19:23:15 <raingazer> wilcal: you are safe with 1.01g but Many distros have patched their current release.Mageia has patched 1.01e (as have CentOS)
19:23:24 <Luigi12_work> ZDNet I think already pushlished an article that mentioned that we already have the fix
19:23:30 <lewyssmith> Do I take it that our recent OpenSSL update *does* fix it?
19:23:39 <MrsB> of course, yes
19:23:44 <raingazer> MrsB: exactly, anything that uses OpenSSL
19:23:56 <wilcal> If we are mentioned in ZDNet maybe just a link to that would be GREAT!!!!
19:24:09 <Luigi12_work> I've read so many articles this week I have trouble finding them
19:24:19 <diogenese> It tests ok here according to http://filippo.io/Heartbleed
19:24:21 <[mbot> [ Test your server for Heartbleed (CVE-2014-0160) ]
19:24:24 <Luigi12_work> I already tried to find one reference about the seriousness of it for a friend that was asking and I couldn't find the one I was looking for
19:24:27 <wilcal> Poor doktor5000 is get'n beat up on the forum
19:24:59 <MrsB> http://heartbleed.com/ is a good reference
19:25:00 <[mbot> [ Heartbleed Bug ]
19:25:20 <wilcal> Somewhere somehow something has to say "Mageia is OK"
19:25:53 <Luigi12_work> wilcal: something does
19:26:03 <wilcal> And that link is where
19:26:09 <raingazer> it;s the security advisory
19:26:17 <Luigi12_work> this is why we have security advisories
19:26:29 <MrsB> #info wilcal suggests a short blog post with info that the recent openssl update fixes this issue and some links to further reading.
19:26:33 <wilcal> But thats's not something that the casual user would find
19:26:35 <Luigi12_work> http://lwn.net/Vulnerabilities/593110/ shows various distros advisories for this
19:26:38 <[mbot> [ openssl: side-channel attack [LWN.net] ]
19:26:40 <Luigi12_work> oops wron glink
19:26:52 <Luigi12_work> http://lwn.net/Vulnerabilities/593861/
19:26:54 <[mbot> [ openssl: information disclosure [LWN.net] ]
19:26:58 <lewyssmith> I like glink.
19:27:18 <wilcal> That looks good
19:27:18 <Luigi12_work> if users are interested in information about security vulnerabilities, they should look at the security advisories, duh, that's what they're there for
19:27:33 <lewyssmith> Hello Dave.
19:27:41 <sebsebseb> hi DavidWHodgins :) you made it
19:28:04 <DavidWHodgins> HiYa. Sorry I'm late. Got woken up a few minutes ago by a telemarketer.
19:28:12 <lewyssmith> !
19:28:15 <sebsebseb> DavidWHodgins: no actsually you didn't make it, your  alseep, and dreaming about QA
19:28:32 <MrsB> Morning Disco Dave :)
19:28:40 <DavidWHodgins> ::-)
19:28:50 <MrsB> #chair DavidWHodgins
19:28:50 <Inigo_Montoya> Current chairs: DavidWHodgins MrsB wilcal
19:28:58 <Kernewes> DavidWHodgins: have you fed the cat?
19:28:58 <wilcal> Your info posting MrsB sounds like a good plan
19:29:06 <MrsB> Have we done this to death then?
19:29:13 <lewyssmith> Yes.
19:29:16 <Luigi12_work> nuts, the ZDNet article didn't mention us.  Could have sworn I saw one that did.  Oh well.
19:29:57 <MrsB> Any volunteers to put a paragraph together for a blog post?
19:30:23 <wilcal> Over the next few days I'll help contribute to the blog post
19:30:36 <DavidWHodgins> Current topic is "Testing updates"?
19:30:37 <MrsB> it only needs a parapgraph
19:30:49 <MrsB> coming next dave
19:30:49 <wilcal> Yep, short and sweet
19:31:00 <MrsB> Ok let's move on then
19:31:15 <MrsB> #topic Testing Updates
19:31:29 <raingazer> this was the tweet that broke the 0-day OpenSSL by Google security researcher =>https://twitter.com/neelmehta/status/453255264938901504
19:31:30 <MrsB> We don't seem to be getting on top of these
19:31:30 <[mbot> [ Twitter / neelmehta: Openssl 0day, may expose session ... ]
19:32:06 <MrsB> we really need a concerted effort to validate some of the bugfixes
19:32:07 <DavidWHodgins> I'll probably go back to sleep after the meeting, for a few more hours, then try to get back into testing them.
19:32:29 <MrsB> if you do Dave you could concentrate on the bugfix updates please
19:32:45 <lewyssmith> I find most that I look at incomprehensible.
19:33:07 <Kernewes> me too
19:33:11 <wilcal> There are some bugs in there that are fully tested but not pushed
19:33:16 <Kernewes> got a busy spell between now and Easter too
19:33:22 <Kernewes> and not feeling good either
19:33:25 <lewyssmith> Spend hours just researching what they are talking about.
19:34:13 <MrsB> it can be like that sometimes lewis, once it's been done once though it provides a good reference to look back on for next time
19:34:42 <lewyssmith> You always say that. But it's always something new.
19:35:11 <Kernewes> trouble is, by the time I've done the research I haven't got any time left to test :(
19:35:26 <MrsB> remember to click the bugzilla link on madb when looking for general testing ideas but also read through the bug report itself, bugfix updates usually have an explanation of the bug in the first few comments
19:35:31 <DavidWHodgins> The only one I see right now, that's fully tested, but hasn't been pushed, due to the advisory not being in svn yet, is fail2ban.
19:35:45 <MrsB> needs retesting that one Dave
19:35:52 <MrsB> it was rebuilt this evening
19:36:07 <MrsB> fixes log file paths in jail.conf
19:36:18 <lewyssmith> wilcal: I did not understand your JBIG test at all.
19:36:21 <wilcal> I've got four candidates from the list that can maybe be pushed
19:36:22 <DavidWHodgins> Ah. Ok. The ok tags should have been removed when it was rebuilt.
19:36:31 <wilcal> jbigkit new security issue CVE-2013-6369
19:36:33 <wilcal> https://bugs.mageia.org/show_bug.cgi?id=13174
19:36:34 <[mbot> Bug 13174: major, Normal, qa-bugs, NEW , jbigkit new security issue CVE-2013-6369, jbigkit-2.0-7.mga4.src.rpm
19:36:34 <wilcal> Is probably ready to go.
19:37:04 <MrsB> remember to add the ok's wilcal
19:37:26 <lewyssmith> I wondered why he did not.
19:37:29 <wilcal> Nobody is having an issue so I can add that
19:37:41 <wilcal> [candidate] mesa bug fixes update
19:37:42 <wilcal> https://bugs.mageia.org/show_bug.cgi?id=13149
19:37:44 <wilcal> Is probably ready to go.
19:37:45 <[mbot> Bug 13149: normal, Normal, qa-bugs, NEW , [candidate] mesa bug fixes update, mesa-10.0.4-1.mga4.src.rpm
19:37:50 <MrsB> i think that can go now yeah
19:38:02 <wilcal> fail2ban new security issues CVE-2013-7176 and CVE-2013-7177
19:38:04 <wilcal> https://bugs.mageia.org/show_bug.cgi?id=11569
19:38:05 <wilcal> Fully tested not going anywhere?
19:38:07 <[mbot> Bug 11569: major, Normal, qa-bugs, ASSIGNED , fail2ban new security issues CVE-2013-7176 and CVE-2013-7177, fail2ban
19:38:11 <MrsB> my appeal on dev for testers fell on deaf ears
19:38:17 <wilcal> push it
19:38:26 <MrsB> can't, see above ^^
19:38:53 <wilcal> Remote CUPS server not being detected automatically, only when searching for hostname
19:38:54 <wilcal> https://bugs.mageia.org/show_bug.cgi?id=12781
19:38:55 <[mbot> Bug 12781: normal, High, doktor5000, ASSIGNED , Remote CUPS server not being detected automatically, only when searching for hostname, system-config-printer
19:38:56 <wilcal> IMO is really ready to go. Somebody else other then
19:38:57 <wilcal> myself needs to test it.
19:39:01 <wilcal> not on the list though
19:39:25 <wilcal> I'm being very Mr Executive today  :-))))
19:39:33 <MrsB> doing a grand job
19:39:47 <DavidWHodgins> ☺
19:40:01 <wilcal> Anyway those are the obvious ones I see
19:40:17 <MrsB> virt-manager is easy to test, it's alot like virtualbox
19:40:28 <MrsB> start libvirtd service before you use it is all
19:40:46 <wilcal> I'd say push
19:40:48 <wilcal> https://bugs.mageia.org/show_bug.cgi?id=13083
19:40:49 <wilcal> too
19:40:50 <[mbot> Bug 13083: normal, Normal, qa-bugs, NEW , Update cups-drivers-splix (see Fedora, Ubuntu, Arch Linux), cups-drivers-splix-2.0.0-6.mga4.src.rpm
19:41:07 <lewyssmith> I think I can try the json thingy, found good test scripts.
19:41:32 <MrsB> nobody has even checked the packages install ok yet for that one wilcal
19:41:44 <MrsB> great lewis, have a go at it
19:41:53 <MrsB> it's a new one on me too
19:42:25 <wilcal> That's cux nobody has any of those printers we could wait forever
19:42:45 <Luigi12_work> did AlexL confirm the update fixes the issue?
19:42:50 <Luigi12_work> I know he's the packager, but he has the printer
19:42:54 <MrsB> as far as we know at the moment though there might not be any packages actually built, we do need to check
19:43:03 <wilcal> I can install it but unless you have at least one of those printers you can't really test it
19:43:13 <lewyssmith> I found it difficult to understand the wording in this bug.
19:43:32 <Luigi12_work> probably his thread on the discuss (not qa-discuss) mailing list is clearer
19:43:38 <MrsB> I think it essentially adds support for a range of printers
19:43:52 <wilcal> That's all it does
19:44:09 <wilcal> Install it, if nothing crashes, push it
19:44:11 <DavidWHodgins> If we don't have the hardware needed, and can't find volunteers to help testing it, we just test that the update installs cleanly.
19:44:17 <MrsB> yep
19:44:27 <wilcal> Sounds like a plan
19:44:27 <MrsB> we can't push it without even doing that much though
19:44:38 <wilcal> That's easy to do
19:44:40 <lewyssmith> So I can do at least that.
19:44:50 <wilcal> Thanks lewyss
19:45:04 <MrsB> cool, so we're getting somewhere :)
19:45:21 <lewyssmith> Except no-one tries E17 which is dead easy.
19:45:22 <MrsB> we need to really bring the list back down under control or we'll never get 4.1 released
19:45:22 <wilcal> Mr Executive at work  :-)))) feels like old times
19:45:43 <wilcal> I'm gonna take a shot at
19:45:45 <wilcal> https://bugs.mageia.org/show_bug.cgi?id=12496
19:45:45 <Kernewes> lewyssmith: I don't think it likes my old hardware
19:45:46 <[mbot> Bug 12496: normal, Normal, qa-bugs, ASSIGNED , drakscanner can't install SANE packages (xsane missing in task-scanning), task-scanning
19:45:56 <wilcal> but I gotta build a system on real hardware
19:46:02 <lewyssmith> Kernewes: I noticed your attempt.
19:46:37 <lewyssmith> The SANE thing ground to a halt between  developers.
19:46:40 <DavidWHodgins> If it's a usb connected scanner, it can be associated with one vb guest, at a time.
19:47:13 <lewyssmith> Why not commit it and submit to updates_testing?
19:47:15 <wilcal> I haven't figured out how to pass the USB port over to my Vbox client yet
19:47:23 <MrsB> I'm trying to keep on top of the security updates but there are not enough hours or energy to do that and the bugfixes. If you guys can clear the bugfixes I'll plug away at the sec updates and with a a bit of a push we'll soon be where we need to be.
19:47:29 <lewyssmith> Why cannot I wait for at least one person to confirm it's OK?
19:47:44 <lewyssmith> Quotations from the bug.
19:47:52 <DavidWHodgins> After starting the vb guest, click on the devices menu/usb/select the scanner.
19:48:20 <wilcal> I think you need a special Vbox plug in
19:48:31 <wilcal> anyway I need to poke at that somemore
19:48:43 <DavidWHodgins> The extensions have to be installed in the host system.
19:48:56 <MrsB> usb needs the addon from oracle wilcal
19:48:59 <wilcal> Used to be it was crippled in the Free Vbox version
19:49:09 <MrsB> yeah, it is still
19:49:12 <wilcal> Ya that's it how do I get that addon
19:49:20 <MrsB> virtualbox.org
19:49:23 <wilcal> $$$$$$$
19:49:40 <wilcal> Thanks I'll take a look
19:49:40 <lewyssmith> Re the SANE bug again, it is in a state of disagreement.
19:49:56 <MrsB> https://www.virtualbox.org/wiki/Downloads the extension packs
19:49:59 <wilcal> Maybe I be of no help there
19:50:01 <DavidWHodgins> The extensions is the only part that is different now, from the open source, and direct download versions of vb.
19:50:06 <lewyssmith> Otherwise I would have tried it ages ago.
19:51:00 <wilcal> thks
19:51:07 <MrsB> I think thierry would probably say it was ready fr tests lewis
19:51:39 <lewyssmith> The fix is disputed.
19:51:58 <DavidWHodgins> There is no advisory in the bug report yet either.
19:52:18 <MrsB> hmm sounds like he wants it tested before building updated packages, maybe more to it than normal.
19:52:31 <lewyssmith> Adding this require wasn't the proper fix. Droping the dialog is the right fix.
19:52:41 <lewyssmith> Citation.
19:52:43 <MrsB> yep, leave that one then
19:53:56 <MrsB> yeah he wants the code testing rather than a packge
19:54:47 <MrsB> so everybody have enough to be going on with?
19:55:24 <DavidWHodgins> Yep
19:55:29 <lewyssmith> 'Everybody' is rather minimal at present.
19:55:35 <MrsB> if there are any you get stuck on, please ask either on the bug or on qa-discuss or irc about it rather than leaving it.
19:55:52 <wilcal> Very busy
19:56:47 <MrsB> Ok please do crack on with them though, we really do need to get back on top of things
19:56:55 <MrsB> thanks :)
19:56:59 <DavidWHodgins> #topic Luigi's Roundup
19:57:08 <MrsB> thanks Dave
19:57:13 <Luigi12_work> boo
19:57:14 <MrsB> Luigi12_work: pingaling
19:57:19 <MrsB> OoOoooo
19:57:26 <Luigi12_work> not sure how to respond to pingaling :o)
19:57:37 <DavidWHodgins> lol
19:57:39 <MrsB> you just pongalong :D
19:57:50 <Luigi12_work> ahh, guess I should read teh RFC
19:57:54 <raingazer> pingaling/ack  (of course :-)
19:58:37 <Luigi12_work> I guess I don't have anything in particular to say about the current update set.  guillomovitch fixed bugzilla, so I've finally pushed that back to QA after however many months :o)
19:58:51 <Luigi12_work> I'll push tigervnc soon
19:59:07 <Luigi12_work> still waiting for oden to update asterisk and give me the OK to push the new PHP updates to QA
19:59:14 <Luigi12_work> I think the PHP update is OK and he just forgot to say so
19:59:14 <MrsB> another one
19:59:17 <Luigi12_work> yeah
19:59:24 <Luigi12_work> another file/libmagic CVE
19:59:39 <Luigi12_work> Oden posted PoC information, so should be easy to test
19:59:45 <MrsB> oh cool
20:00:10 <Luigi12_work> Oden's also preparing a WordPress update, but I need to make sure the new WordPress auto-update feature is disabled before pushing to QA
20:00:23 <MrsB> #info Another php update coming for another file/libmagic issue, asterisk, tigervnc also coming soon
20:01:03 <Luigi12_work> Chrome (and therefore Chromium Browser) 34 is out, fixing several security issues.  However, a user posted in Bugzilla that Flash will no longer work as of 34, so I need to get some clarification on that before doing anything with that one.
20:01:34 <MrsB> #info wordpress too when the auto-update has been disabled, chromium 34 is out but clarifrication needed on a possible flash issue with it
20:01:48 <MrsB> any packaging issues now Luigi12_work?
20:01:55 <Luigi12_work> there are a few others waiting on packagers as usual, but probably not imminitenly coming to QA
20:02:23 <lewyssmith> Does anyone know whether Chromium spies on you?
20:02:46 <MrsB> chromium is open source, so no more than any other.
20:02:46 <Luigi12_work> boinc-client (coincoin), virtualbox (tmb), postgresql (Funda), prosody/lua-expat (tv) if you're curious
20:02:54 <wilcal> Everything spies on you
20:02:57 <Luigi12_work> openafs still has packaging issues that need worked out, and it has a new CVE :o(
20:03:02 <DavidWHodgins> lewyssmith: No, or at least not like the chrome from google itself.
20:03:08 <rindolf> lewyssmith: I think by default it has some call-Google-home features.
20:03:46 <wilcal> Watched a friend install a Windows app in Win7 talk about spyware what a mess
20:03:57 <MrsB> #info several waiting on maintainers - eg. boinc-client (coincoin), virtualbox (tmb), postgresql (Funda), prosody/lua-expat (tv)
20:04:24 <MrsB> raingazer is our openafs expert :)
20:04:48 <lewyssmith> Are there any stock databases for things like postgresql?
20:05:00 <raingazer> uh-oh, I know what's next...  :-)
20:05:12 <DavidWHodgins> :-)
20:05:15 <Luigi12_work> raingazer did contribute some information on the Bug 7085 about openafs
20:05:16 <[mbot> Bug https://bugs.mageia.org/show_bug.cgi?id=7085 critical, Normal, mageia, NEW , openafs new security issues CVE-2013-4134 and CVE-2013-4135, openafs-1.6.2.1-1.mga3.src.rpm
20:05:21 <Luigi12_work> still need a packager to do some fixes
20:05:37 <Luigi12_work> I might get to it eventually, but probably not until late this year
20:05:46 <MrsB> postgresql can be tested easily using the webmin module, the difficulty with it are the different postresql versions. There is a previous update which details how to go about it
20:06:00 <Luigi12_work> yeah there's like 4 postgresql versions packaged
20:06:10 <MrsB> several previous updates in fact
20:06:39 <Luigi12_work> yeah, not sure why Funda isn't updating it for stable releases anymore
20:07:02 <Luigi12_work> I have no interest in picking up yet another set of packages for which I'm the defacto maintainer
20:07:17 <lewyssmith> Sympathise.
20:07:21 <MrsB> is funda still locked down? He wasn't contactable for a while
20:08:22 <rindolf> Luigi12_work: can I help with Pg?
20:09:25 <Luigi12_work> rindolf: possibly.  We just need the versions for Mageia 3 and Mageia 4 update.
20:09:27 <Luigi12_work> updated
20:10:04 <rindolf> Luigi12_work: ah, OK.
20:10:16 <Luigi12_work> Funda already updated it in Cauldron
20:11:31 <MrsB> all done?
20:11:38 <Luigi12_work> any questions for me?
20:11:43 <DavidWHodgins> Not here
20:11:53 <sebsebseb> no
20:12:01 <Kernewes> no
20:12:04 <DavidWHodgins> #topic Anything else?
20:12:14 <MrsB> Thanks Luigi12_work
20:12:20 <MrsB> And dave :)
20:12:24 <MrsB> Is there anything else?
20:12:25 * raingazer having no joy to get vmware workstation 9 working in mga4 (it works fine in mga3). Has anyone else tried?
20:12:26 <sebsebseb> anything else nope
20:12:38 <wilcal> not here
20:12:48 <Kernewes> raingazer: not tried
20:12:52 <Kernewes> no more from me
20:13:04 <MrsB> not used it at all
20:13:11 <DavidWHodgins> raingazer: Nope. I usually stick with virtualbox
20:13:14 <sebsebseb> raingazer: Virtualbox FTW?
20:13:24 <MrsB> kernel modules are the usual issue aren't they?
20:14:12 <MrsB> Anything else else?
20:14:20 <DavidWHodgins> Not here.
20:14:22 <raingazer> when I last tried VB, i could not get a VOIP application to work correctly (audio-in from microphone not working). I may have another go with the current version.
20:14:23 <Kernewes> nothng else at all at all
20:14:30 <wilcal> I'm done being Mr Executive now I can go back being retired
20:14:41 <Kernewes> retired? with Mageia?
20:14:44 <MrsB> no, no retirement until the list is cleared :P
20:14:46 <DavidWHodgins> :-)
20:14:53 <wilcal> I still work as much as I used to well almost
20:14:59 <MrsB> T-5 then
20:15:05 <lewyssmith> Bonne nuit.
20:15:06 <MrsB> thanks for comign everybody
20:15:08 <MrsB> 4
20:15:10 <MrsB> 3
20:15:12 <MrsB> 2
20:15:13 <MrsB> 1
20:15:18 <MrsB> #endmeeting