19:06:55 <MrsB> #startmeeting 19:06:55 <Inigo_Montoya> Meeting started Thu Apr 10 19:06:55 2014 UTC. The chair is MrsB. Information about MeetBot at http://wiki.debian.org/MeetBot. 19:06:55 <Inigo_Montoya> Useful Commands: #action #agreed #help #info #idea #link #topic. 19:07:17 <MrsB> Hi everybody 19:07:20 <rindolf> MrsB: hi. 19:07:25 <Kernewes> MrsB: hi MrsB 19:07:30 <wilcal> Hi all 19:07:38 <MrsB> Welcome to another meeting :) 19:07:46 <MrsB> #chair wilcal 19:07:46 <Inigo_Montoya> Current chairs: MrsB wilcal 19:07:56 <MrsB> It looks like Dave won't be joining us tonight 19:08:01 <wilcal> Yippeee I'll try to behave myself 19:08:16 <MrsB> he's been having halth problems and sleeping alot 19:08:35 <MrsB> #topic Who's new? 19:08:52 <MrsB> Is there anybody new here tonight? 19:09:00 * Kernewes prays that there is 19:09:07 <lewyssmith> Why? 19:09:08 <sebsebseb> hi 19:09:18 <Kernewes> lewyssmith: we need more team members 19:09:18 <MrsB> hi sebsebseb you're not new 19:09:19 * sebsebseb is bran new :d 19:09:28 <lewyssmith> Kernewes: True... 19:09:57 <MrsB> looks like nobody today 19:10:02 <sebsebseb> no don't be followed raingazer isn't new either, just his name it eems 19:10:07 <lewyssmith> That makes the 3rd Gazer. 19:10:07 <sebsebseb> fooled above 19:10:20 <diogenese> He's a legion. 19:10:38 <Kernewes> we need an updategazer 19:10:38 <MrsB> #topic Heartbleed 19:10:39 <raingazer> muhahaha ;-) 19:10:52 <MrsB> wilcal: you wanted to talk about this didn't you 19:11:05 <lewyssmith> He did. 19:11:19 <wilcal> Should we talk about this now or during Luigi's section 19:11:23 <MrsB> caught him with nothing to paste :D 19:11:39 <MrsB> we can do both 19:11:48 <wilcal> OK the political now 19:12:00 <wilcal> It's all over the news here and "Linux" is taking a hit 19:12:22 <lewyssmith> A friend from Canada sent me links about it. 19:12:35 <wilcal> One newscast listed all the major linux distros and I was holding my breath waiting for them to meniton Mageia 19:12:40 <wilcal> they did not 19:12:44 <sebsebseb> yes I saw your emai to QA discus about that wilcal 19:12:50 <sebsebseb> BBC uhmm 19:12:53 <sebsebseb> I read a aritcle where 19:13:03 <wilcal> "90%" of the Internet has been compromised 19:13:15 <sebsebseb> they are saying to re set passwords, but then it also uhmm mentioned how the Rassbery Pi generation could do stuff 19:13:16 <raingazer> Mageia were quick to get the update out and it's fixed 19:13:30 <wilcal> I 19:13:31 <wilcal> I see doktor5000 is thrashing around in the forums about this exploit. I think Mageia needs to generate 19:13:33 <wilcal> an easily understood paragraph about how Mageia is effected or not and/or how to midigate it all. 19:13:47 <sebsebseb> and it's like oh maybe shoudn't just g and re st passwords, but it' a goo idea jut re set if tol by th companies, an Yahoo had issues. oh and if re setting the passwor on a service that isn't fix, I guess that may not do much good then 19:13:53 <MrsB> you mean a blog post? 19:14:00 <sebsebseb> are we all meant to re et all our passwords or not by the way? for everything 19:14:01 <wilcal> Something on www.mageia.org that doktor5000 can refer to 19:14:10 <wilcal> Something very simple 19:14:28 <MrsB> Why not put something together and email it to council 19:14:47 <sebsebseb> BBC think the Rassbery Pi genration will exploit the issue 19:14:49 <raingazer> this link gives a good overview => http://news.netcraft.com/archives/2014/04/08/half-a-million-widely-trusted-websites-vulnerable-to-heartbleed-bug.html 19:14:50 <[mbot> [ Half a million widely trusted websites vulnerable to Heartbleed bug | Netcraft ] 19:14:52 <wilcal> Best it come first from Luigi then we can refine it 19:14:57 <sebsebseb> or so it seems going by whta I read before 19:15:09 <wilcal> Lots of referencs on the net 19:15:15 <lewyssmith> What I read about it, it had *not* actually been exploited. It will be now. 19:15:17 <wilcal> Nothing that is Mageia specific 19:15:29 <raingazer> "Certificates and keys at risk of compromise should be revoked and replaced, particularly if they are used to protect sensitive data." 19:15:43 <wilcal> But the news media is exploiting it to "sell newspapers"\ 19:16:15 <MrsB> so you're wanitng to volunteer David to write something? 19:16:30 <sebsebseb> ok, but are the email passwords etc meant to rally get re set, because of that? 19:16:53 <wilcal> Someone who intimately understands our security on Mageia and OpenSSL 19:17:24 <wilcal> Simple statements like "If your not running a server it does not effect you" 19:17:32 <MrsB> There is plenty of info out there, I don't think we need to hype it more than it has been. 19:17:53 <sebsebseb> wilcal: iff not running a server it does not effect, really? 19:18:07 <sebsebseb> apparnatly all or pretty much paswords meant to get re set tough, email etc etc 19:18:08 <wilcal> Low on hype, Mageia updates mitigate the risk 19:18:49 <MrsB> Ok, let's ask Luigi then and if he's too busy maybe raingazer would do something for us :) 19:19:06 <MrsB> or if not the treegazer or wikigazer might 19:19:11 <wilcal> If your not running a OpenSSL server Heartbleed can't reach into to Mageia workstation 19:19:47 <raingazer> as far as I can tell, wiki.mageia.org and forums.mageia.org are not vulnerable 19:19:58 <wilcal> Heartbleed & Mageia for dummies paragraph 19:20:11 <raingazer> but, I do not know if the certificates have been replaced 19:20:50 <Luigi12_work> from what I understand, the impact isn't limited to servers, those are just the most-at-risk so the first priority was to get them patched 19:21:09 <Luigi12_work> but malicious servers can steal 64k of memory from clients too, pretty much anything using openssl 1.0.1 is affected 19:21:09 <wilcal> Thanks Luigi 19:21:32 <Luigi12_work> I wouldn't call myself a security expert though, so I only know what I've read 19:21:36 <wilcal> Latest OpenSSL here is 1.01e I think 19:21:58 <wilcal> One news report today said you had to have 1.01g to be safe 19:22:01 <raingazer> and, it's not just webservers on 443, it's any server using OpenSSL (for example, some IRC servers have encrypted channels that use it) 19:22:02 <Luigi12_work> the letter isn't important 19:22:06 <MrsB> it was patched to fix it 19:22:07 <Luigi12_work> it's just a matter of what patches your build has 19:22:19 <Luigi12_work> our update has the appropriate fix 19:22:29 <sebsebseb> Luigi12_work: wilcal thinks your a security expert 19:22:32 <Luigi12_work> raingazer: yes that's also true 19:22:38 <Luigi12_work> sebsebseb: yes I noticed that, sorry to disappoint 19:22:59 <wilcal> Maybe just a simple statement that an up-to-date Mageia 3/4 system is safe 19:23:11 <MrsB> openvpn is also affected, along with many other things which use openssl. It's not restricted to web servers 19:23:15 <raingazer> wilcal: you are safe with 1.01g but Many distros have patched their current release.Mageia has patched 1.01e (as have CentOS) 19:23:24 <Luigi12_work> ZDNet I think already pushlished an article that mentioned that we already have the fix 19:23:30 <lewyssmith> Do I take it that our recent OpenSSL update *does* fix it? 19:23:39 <MrsB> of course, yes 19:23:44 <raingazer> MrsB: exactly, anything that uses OpenSSL 19:23:56 <wilcal> If we are mentioned in ZDNet maybe just a link to that would be GREAT!!!! 19:24:09 <Luigi12_work> I've read so many articles this week I have trouble finding them 19:24:19 <diogenese> It tests ok here according to http://filippo.io/Heartbleed 19:24:21 <[mbot> [ Test your server for Heartbleed (CVE-2014-0160) ] 19:24:24 <Luigi12_work> I already tried to find one reference about the seriousness of it for a friend that was asking and I couldn't find the one I was looking for 19:24:27 <wilcal> Poor doktor5000 is get'n beat up on the forum 19:24:59 <MrsB> http://heartbleed.com/ is a good reference 19:25:00 <[mbot> [ Heartbleed Bug ] 19:25:20 <wilcal> Somewhere somehow something has to say "Mageia is OK" 19:25:53 <Luigi12_work> wilcal: something does 19:26:03 <wilcal> And that link is where 19:26:09 <raingazer> it;s the security advisory 19:26:17 <Luigi12_work> this is why we have security advisories 19:26:29 <MrsB> #info wilcal suggests a short blog post with info that the recent openssl update fixes this issue and some links to further reading. 19:26:33 <wilcal> But thats's not something that the casual user would find 19:26:35 <Luigi12_work> http://lwn.net/Vulnerabilities/593110/ shows various distros advisories for this 19:26:38 <[mbot> [ openssl: side-channel attack [LWN.net] ] 19:26:40 <Luigi12_work> oops wron glink 19:26:52 <Luigi12_work> http://lwn.net/Vulnerabilities/593861/ 19:26:54 <[mbot> [ openssl: information disclosure [LWN.net] ] 19:26:58 <lewyssmith> I like glink. 19:27:18 <wilcal> That looks good 19:27:18 <Luigi12_work> if users are interested in information about security vulnerabilities, they should look at the security advisories, duh, that's what they're there for 19:27:33 <lewyssmith> Hello Dave. 19:27:41 <sebsebseb> hi DavidWHodgins :) you made it 19:28:04 <DavidWHodgins> HiYa. Sorry I'm late. Got woken up a few minutes ago by a telemarketer. 19:28:12 <lewyssmith> ! 19:28:15 <sebsebseb> DavidWHodgins: no actsually you didn't make it, your alseep, and dreaming about QA 19:28:32 <MrsB> Morning Disco Dave :) 19:28:40 <DavidWHodgins> ::-) 19:28:50 <MrsB> #chair DavidWHodgins 19:28:50 <Inigo_Montoya> Current chairs: DavidWHodgins MrsB wilcal 19:28:58 <Kernewes> DavidWHodgins: have you fed the cat? 19:28:58 <wilcal> Your info posting MrsB sounds like a good plan 19:29:06 <MrsB> Have we done this to death then? 19:29:13 <lewyssmith> Yes. 19:29:16 <Luigi12_work> nuts, the ZDNet article didn't mention us. Could have sworn I saw one that did. Oh well. 19:29:57 <MrsB> Any volunteers to put a paragraph together for a blog post? 19:30:23 <wilcal> Over the next few days I'll help contribute to the blog post 19:30:36 <DavidWHodgins> Current topic is "Testing updates"? 19:30:37 <MrsB> it only needs a parapgraph 19:30:49 <MrsB> coming next dave 19:30:49 <wilcal> Yep, short and sweet 19:31:00 <MrsB> Ok let's move on then 19:31:15 <MrsB> #topic Testing Updates 19:31:29 <raingazer> this was the tweet that broke the 0-day OpenSSL by Google security researcher =>https://twitter.com/neelmehta/status/453255264938901504 19:31:30 <MrsB> We don't seem to be getting on top of these 19:31:30 <[mbot> [ Twitter / neelmehta: Openssl 0day, may expose session ... ] 19:32:06 <MrsB> we really need a concerted effort to validate some of the bugfixes 19:32:07 <DavidWHodgins> I'll probably go back to sleep after the meeting, for a few more hours, then try to get back into testing them. 19:32:29 <MrsB> if you do Dave you could concentrate on the bugfix updates please 19:32:45 <lewyssmith> I find most that I look at incomprehensible. 19:33:07 <Kernewes> me too 19:33:11 <wilcal> There are some bugs in there that are fully tested but not pushed 19:33:16 <Kernewes> got a busy spell between now and Easter too 19:33:22 <Kernewes> and not feeling good either 19:33:25 <lewyssmith> Spend hours just researching what they are talking about. 19:34:13 <MrsB> it can be like that sometimes lewis, once it's been done once though it provides a good reference to look back on for next time 19:34:42 <lewyssmith> You always say that. But it's always something new. 19:35:11 <Kernewes> trouble is, by the time I've done the research I haven't got any time left to test :( 19:35:26 <MrsB> remember to click the bugzilla link on madb when looking for general testing ideas but also read through the bug report itself, bugfix updates usually have an explanation of the bug in the first few comments 19:35:31 <DavidWHodgins> The only one I see right now, that's fully tested, but hasn't been pushed, due to the advisory not being in svn yet, is fail2ban. 19:35:45 <MrsB> needs retesting that one Dave 19:35:52 <MrsB> it was rebuilt this evening 19:36:07 <MrsB> fixes log file paths in jail.conf 19:36:18 <lewyssmith> wilcal: I did not understand your JBIG test at all. 19:36:21 <wilcal> I've got four candidates from the list that can maybe be pushed 19:36:22 <DavidWHodgins> Ah. Ok. The ok tags should have been removed when it was rebuilt. 19:36:31 <wilcal> jbigkit new security issue CVE-2013-6369 19:36:33 <wilcal> https://bugs.mageia.org/show_bug.cgi?id=13174 19:36:34 <[mbot> Bug 13174: major, Normal, qa-bugs, NEW , jbigkit new security issue CVE-2013-6369, jbigkit-2.0-7.mga4.src.rpm 19:36:34 <wilcal> Is probably ready to go. 19:37:04 <MrsB> remember to add the ok's wilcal 19:37:26 <lewyssmith> I wondered why he did not. 19:37:29 <wilcal> Nobody is having an issue so I can add that 19:37:41 <wilcal> [candidate] mesa bug fixes update 19:37:42 <wilcal> https://bugs.mageia.org/show_bug.cgi?id=13149 19:37:44 <wilcal> Is probably ready to go. 19:37:45 <[mbot> Bug 13149: normal, Normal, qa-bugs, NEW , [candidate] mesa bug fixes update, mesa-10.0.4-1.mga4.src.rpm 19:37:50 <MrsB> i think that can go now yeah 19:38:02 <wilcal> fail2ban new security issues CVE-2013-7176 and CVE-2013-7177 19:38:04 <wilcal> https://bugs.mageia.org/show_bug.cgi?id=11569 19:38:05 <wilcal> Fully tested not going anywhere? 19:38:07 <[mbot> Bug 11569: major, Normal, qa-bugs, ASSIGNED , fail2ban new security issues CVE-2013-7176 and CVE-2013-7177, fail2ban 19:38:11 <MrsB> my appeal on dev for testers fell on deaf ears 19:38:17 <wilcal> push it 19:38:26 <MrsB> can't, see above ^^ 19:38:53 <wilcal> Remote CUPS server not being detected automatically, only when searching for hostname 19:38:54 <wilcal> https://bugs.mageia.org/show_bug.cgi?id=12781 19:38:55 <[mbot> Bug 12781: normal, High, doktor5000, ASSIGNED , Remote CUPS server not being detected automatically, only when searching for hostname, system-config-printer 19:38:56 <wilcal> IMO is really ready to go. Somebody else other then 19:38:57 <wilcal> myself needs to test it. 19:39:01 <wilcal> not on the list though 19:39:25 <wilcal> I'm being very Mr Executive today :-)))) 19:39:33 <MrsB> doing a grand job 19:39:47 <DavidWHodgins> ☺ 19:40:01 <wilcal> Anyway those are the obvious ones I see 19:40:17 <MrsB> virt-manager is easy to test, it's alot like virtualbox 19:40:28 <MrsB> start libvirtd service before you use it is all 19:40:46 <wilcal> I'd say push 19:40:48 <wilcal> https://bugs.mageia.org/show_bug.cgi?id=13083 19:40:49 <wilcal> too 19:40:50 <[mbot> Bug 13083: normal, Normal, qa-bugs, NEW , Update cups-drivers-splix (see Fedora, Ubuntu, Arch Linux), cups-drivers-splix-2.0.0-6.mga4.src.rpm 19:41:07 <lewyssmith> I think I can try the json thingy, found good test scripts. 19:41:32 <MrsB> nobody has even checked the packages install ok yet for that one wilcal 19:41:44 <MrsB> great lewis, have a go at it 19:41:53 <MrsB> it's a new one on me too 19:42:25 <wilcal> That's cux nobody has any of those printers we could wait forever 19:42:45 <Luigi12_work> did AlexL confirm the update fixes the issue? 19:42:50 <Luigi12_work> I know he's the packager, but he has the printer 19:42:54 <MrsB> as far as we know at the moment though there might not be any packages actually built, we do need to check 19:43:03 <wilcal> I can install it but unless you have at least one of those printers you can't really test it 19:43:13 <lewyssmith> I found it difficult to understand the wording in this bug. 19:43:32 <Luigi12_work> probably his thread on the discuss (not qa-discuss) mailing list is clearer 19:43:38 <MrsB> I think it essentially adds support for a range of printers 19:43:52 <wilcal> That's all it does 19:44:09 <wilcal> Install it, if nothing crashes, push it 19:44:11 <DavidWHodgins> If we don't have the hardware needed, and can't find volunteers to help testing it, we just test that the update installs cleanly. 19:44:17 <MrsB> yep 19:44:27 <wilcal> Sounds like a plan 19:44:27 <MrsB> we can't push it without even doing that much though 19:44:38 <wilcal> That's easy to do 19:44:40 <lewyssmith> So I can do at least that. 19:44:50 <wilcal> Thanks lewyss 19:45:04 <MrsB> cool, so we're getting somewhere :) 19:45:21 <lewyssmith> Except no-one tries E17 which is dead easy. 19:45:22 <MrsB> we need to really bring the list back down under control or we'll never get 4.1 released 19:45:22 <wilcal> Mr Executive at work :-)))) feels like old times 19:45:43 <wilcal> I'm gonna take a shot at 19:45:45 <wilcal> https://bugs.mageia.org/show_bug.cgi?id=12496 19:45:45 <Kernewes> lewyssmith: I don't think it likes my old hardware 19:45:46 <[mbot> Bug 12496: normal, Normal, qa-bugs, ASSIGNED , drakscanner can't install SANE packages (xsane missing in task-scanning), task-scanning 19:45:56 <wilcal> but I gotta build a system on real hardware 19:46:02 <lewyssmith> Kernewes: I noticed your attempt. 19:46:37 <lewyssmith> The SANE thing ground to a halt between developers. 19:46:40 <DavidWHodgins> If it's a usb connected scanner, it can be associated with one vb guest, at a time. 19:47:13 <lewyssmith> Why not commit it and submit to updates_testing? 19:47:15 <wilcal> I haven't figured out how to pass the USB port over to my Vbox client yet 19:47:23 <MrsB> I'm trying to keep on top of the security updates but there are not enough hours or energy to do that and the bugfixes. If you guys can clear the bugfixes I'll plug away at the sec updates and with a a bit of a push we'll soon be where we need to be. 19:47:29 <lewyssmith> Why cannot I wait for at least one person to confirm it's OK? 19:47:44 <lewyssmith> Quotations from the bug. 19:47:52 <DavidWHodgins> After starting the vb guest, click on the devices menu/usb/select the scanner. 19:48:20 <wilcal> I think you need a special Vbox plug in 19:48:31 <wilcal> anyway I need to poke at that somemore 19:48:43 <DavidWHodgins> The extensions have to be installed in the host system. 19:48:56 <MrsB> usb needs the addon from oracle wilcal 19:48:59 <wilcal> Used to be it was crippled in the Free Vbox version 19:49:09 <MrsB> yeah, it is still 19:49:12 <wilcal> Ya that's it how do I get that addon 19:49:20 <MrsB> virtualbox.org 19:49:23 <wilcal> $$$$$$$ 19:49:40 <wilcal> Thanks I'll take a look 19:49:40 <lewyssmith> Re the SANE bug again, it is in a state of disagreement. 19:49:56 <MrsB> https://www.virtualbox.org/wiki/Downloads the extension packs 19:49:59 <wilcal> Maybe I be of no help there 19:50:01 <DavidWHodgins> The extensions is the only part that is different now, from the open source, and direct download versions of vb. 19:50:06 <lewyssmith> Otherwise I would have tried it ages ago. 19:51:00 <wilcal> thks 19:51:07 <MrsB> I think thierry would probably say it was ready fr tests lewis 19:51:39 <lewyssmith> The fix is disputed. 19:51:58 <DavidWHodgins> There is no advisory in the bug report yet either. 19:52:18 <MrsB> hmm sounds like he wants it tested before building updated packages, maybe more to it than normal. 19:52:31 <lewyssmith> Adding this require wasn't the proper fix. Droping the dialog is the right fix. 19:52:41 <lewyssmith> Citation. 19:52:43 <MrsB> yep, leave that one then 19:53:56 <MrsB> yeah he wants the code testing rather than a packge 19:54:47 <MrsB> so everybody have enough to be going on with? 19:55:24 <DavidWHodgins> Yep 19:55:29 <lewyssmith> 'Everybody' is rather minimal at present. 19:55:35 <MrsB> if there are any you get stuck on, please ask either on the bug or on qa-discuss or irc about it rather than leaving it. 19:55:52 <wilcal> Very busy 19:56:47 <MrsB> Ok please do crack on with them though, we really do need to get back on top of things 19:56:55 <MrsB> thanks :) 19:56:59 <DavidWHodgins> #topic Luigi's Roundup 19:57:08 <MrsB> thanks Dave 19:57:13 <Luigi12_work> boo 19:57:14 <MrsB> Luigi12_work: pingaling 19:57:19 <MrsB> OoOoooo 19:57:26 <Luigi12_work> not sure how to respond to pingaling :o) 19:57:37 <DavidWHodgins> lol 19:57:39 <MrsB> you just pongalong :D 19:57:50 <Luigi12_work> ahh, guess I should read teh RFC 19:57:54 <raingazer> pingaling/ack (of course :-) 19:58:37 <Luigi12_work> I guess I don't have anything in particular to say about the current update set. guillomovitch fixed bugzilla, so I've finally pushed that back to QA after however many months :o) 19:58:51 <Luigi12_work> I'll push tigervnc soon 19:59:07 <Luigi12_work> still waiting for oden to update asterisk and give me the OK to push the new PHP updates to QA 19:59:14 <Luigi12_work> I think the PHP update is OK and he just forgot to say so 19:59:14 <MrsB> another one 19:59:17 <Luigi12_work> yeah 19:59:24 <Luigi12_work> another file/libmagic CVE 19:59:39 <Luigi12_work> Oden posted PoC information, so should be easy to test 19:59:45 <MrsB> oh cool 20:00:10 <Luigi12_work> Oden's also preparing a WordPress update, but I need to make sure the new WordPress auto-update feature is disabled before pushing to QA 20:00:23 <MrsB> #info Another php update coming for another file/libmagic issue, asterisk, tigervnc also coming soon 20:01:03 <Luigi12_work> Chrome (and therefore Chromium Browser) 34 is out, fixing several security issues. However, a user posted in Bugzilla that Flash will no longer work as of 34, so I need to get some clarification on that before doing anything with that one. 20:01:34 <MrsB> #info wordpress too when the auto-update has been disabled, chromium 34 is out but clarifrication needed on a possible flash issue with it 20:01:48 <MrsB> any packaging issues now Luigi12_work? 20:01:55 <Luigi12_work> there are a few others waiting on packagers as usual, but probably not imminitenly coming to QA 20:02:23 <lewyssmith> Does anyone know whether Chromium spies on you? 20:02:46 <MrsB> chromium is open source, so no more than any other. 20:02:46 <Luigi12_work> boinc-client (coincoin), virtualbox (tmb), postgresql (Funda), prosody/lua-expat (tv) if you're curious 20:02:54 <wilcal> Everything spies on you 20:02:57 <Luigi12_work> openafs still has packaging issues that need worked out, and it has a new CVE :o( 20:03:02 <DavidWHodgins> lewyssmith: No, or at least not like the chrome from google itself. 20:03:08 <rindolf> lewyssmith: I think by default it has some call-Google-home features. 20:03:46 <wilcal> Watched a friend install a Windows app in Win7 talk about spyware what a mess 20:03:57 <MrsB> #info several waiting on maintainers - eg. boinc-client (coincoin), virtualbox (tmb), postgresql (Funda), prosody/lua-expat (tv) 20:04:24 <MrsB> raingazer is our openafs expert :) 20:04:48 <lewyssmith> Are there any stock databases for things like postgresql? 20:05:00 <raingazer> uh-oh, I know what's next... :-) 20:05:12 <DavidWHodgins> :-) 20:05:15 <Luigi12_work> raingazer did contribute some information on the Bug 7085 about openafs 20:05:16 <[mbot> Bug https://bugs.mageia.org/show_bug.cgi?id=7085 critical, Normal, mageia, NEW , openafs new security issues CVE-2013-4134 and CVE-2013-4135, openafs-1.6.2.1-1.mga3.src.rpm 20:05:21 <Luigi12_work> still need a packager to do some fixes 20:05:37 <Luigi12_work> I might get to it eventually, but probably not until late this year 20:05:46 <MrsB> postgresql can be tested easily using the webmin module, the difficulty with it are the different postresql versions. There is a previous update which details how to go about it 20:06:00 <Luigi12_work> yeah there's like 4 postgresql versions packaged 20:06:10 <MrsB> several previous updates in fact 20:06:39 <Luigi12_work> yeah, not sure why Funda isn't updating it for stable releases anymore 20:07:02 <Luigi12_work> I have no interest in picking up yet another set of packages for which I'm the defacto maintainer 20:07:17 <lewyssmith> Sympathise. 20:07:21 <MrsB> is funda still locked down? He wasn't contactable for a while 20:08:22 <rindolf> Luigi12_work: can I help with Pg? 20:09:25 <Luigi12_work> rindolf: possibly. We just need the versions for Mageia 3 and Mageia 4 update. 20:09:27 <Luigi12_work> updated 20:10:04 <rindolf> Luigi12_work: ah, OK. 20:10:16 <Luigi12_work> Funda already updated it in Cauldron 20:11:31 <MrsB> all done? 20:11:38 <Luigi12_work> any questions for me? 20:11:43 <DavidWHodgins> Not here 20:11:53 <sebsebseb> no 20:12:01 <Kernewes> no 20:12:04 <DavidWHodgins> #topic Anything else? 20:12:14 <MrsB> Thanks Luigi12_work 20:12:20 <MrsB> And dave :) 20:12:24 <MrsB> Is there anything else? 20:12:25 * raingazer having no joy to get vmware workstation 9 working in mga4 (it works fine in mga3). Has anyone else tried? 20:12:26 <sebsebseb> anything else nope 20:12:38 <wilcal> not here 20:12:48 <Kernewes> raingazer: not tried 20:12:52 <Kernewes> no more from me 20:13:04 <MrsB> not used it at all 20:13:11 <DavidWHodgins> raingazer: Nope. I usually stick with virtualbox 20:13:14 <sebsebseb> raingazer: Virtualbox FTW? 20:13:24 <MrsB> kernel modules are the usual issue aren't they? 20:14:12 <MrsB> Anything else else? 20:14:20 <DavidWHodgins> Not here. 20:14:22 <raingazer> when I last tried VB, i could not get a VOIP application to work correctly (audio-in from microphone not working). I may have another go with the current version. 20:14:23 <Kernewes> nothng else at all at all 20:14:30 <wilcal> I'm done being Mr Executive now I can go back being retired 20:14:41 <Kernewes> retired? with Mageia? 20:14:44 <MrsB> no, no retirement until the list is cleared :P 20:14:46 <DavidWHodgins> :-) 20:14:53 <wilcal> I still work as much as I used to well almost 20:14:59 <MrsB> T-5 then 20:15:05 <lewyssmith> Bonne nuit. 20:15:06 <MrsB> thanks for comign everybody 20:15:08 <MrsB> 4 20:15:10 <MrsB> 3 20:15:12 <MrsB> 2 20:15:13 <MrsB> 1 20:15:18 <MrsB> #endmeeting