#mageia-qa log

19:04:17 <DavidWHodgins> #startmeeting
19:04:17 <Inigo_Montoya> Meeting started Thu May 11 19:04:17 2017 UTC.  The chair is DavidWHodgins. Information about MeetBot at http://wiki.debian.org/MeetBot.
19:04:17 <Inigo_Montoya> Useful Commands: #action #agreed #help #info #idea #link #topic.
19:04:19 <lewyssmith> I saw the problem. See my comment  17 - but you have!
19:04:38 <DavidWHodgins> #chair wilcal tarazed lewyssmith
19:04:38 <Inigo_Montoya> Current chairs: DavidWHodgins lewyssmith tarazed wilcal
19:04:43 <DavidWHodgins> #topic
19:04:44 <DavidWHodgins> This update fixes the following security issues:
19:04:46 <DavidWHodgins> Information disclosure and authentication bypass vulnerability exists in the Apache HTTP Server
19:04:47 <DavidWHodgins> configuration bundled with ZoneMinder v1.30 and v1.29, which allows a remote unauthenticated attacker
19:04:49 <DavidWHodgins> to browse all directories in the web root, e.g., a remote unauthenticated attacker can view all CCTV
19:04:50 <DavidWHodgins> images on the server via the /events URI. (CVE-2016-10140)
19:04:52 <DavidWHodgins> Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and earlier allows remote attackers to inject arbitrary web script or HTML via the format parameter in a download log request to index.php. (CVE-2016-10201)
19:04:53 <DavidWHodgins> Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and earlier allows remote attackers to inject arbitrary web script or HTML via the path info to index.php. (CVE-2016-10202)
19:04:55 <DavidWHodgins> Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and earlier allows remote attackers to inject arbitrary web script or HTML via the name when creating a new monitor. (CVE-2016-10203)
19:04:56 <DavidWHodgins> 
19:04:58 <DavidWHodgins> SQL injection vulnerability in Zoneminder 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the limit parameter in a log query request to index.php. (CVE-2016-10204)
19:04:59 <DavidWHodgins> Session fixation vulnerability in Zoneminder 1.30 and earlier allows remote attackers to hijack web sessions via the ZMSESSID cookie. (CVE-2016-10205)
19:05:01 <DavidWHodgins> Cross-site request forgery (CSRF) vulnerability in Zoneminder 1.30 and earlier allows remote attackers to hijack the authentication of users for requests that change passwords and possibly have unspecified other impact as demonstrated by a crafted user action request to index.php. (CVE-2016-10206)
19:05:02 <DavidWHodgins> Multiple reflected XSS vulnerabilities exist within form and link input parameters of ZoneMinder v1.30 and v1.29, an open-source CCTV server web application, which allows a remote attacker to execute malicious scripts within an authenticated client's browser. The URL is /zm/index.php and sample parameters could include action=login&view=postlogin[XSS] view=console[XSS] view=groups[XSS] view=events&filter[terms][1][cnj]=and[XSS]
19:05:04 <DavidWHodgins> view=events&filter%5Bterms%5D%5B1%5D%5Bcnj%5D=and[XSS] view=events&filter%5Bterms%5D%5B1%5D%5Bcnj%5D=[XSS]and view=events&limit=1%22%3E%3C/a%3E[XSS] (among others). (CVE-2017-5367)
19:05:05 <DavidWHodgins> ZoneMinder v1.30 and v1.29, an open-source CCTV server web application, is vulnerable to CSRF (Cross Site Request Forgery) which allows a remote attack to make changes to the web application as the current logged in victim. If the victim visits a malicious web page, the attacker can silently and automatically create a new admin user within the web application for remote persistence and further attacks. The URL is /zm/index.php and
19:05:07 <DavidWHodgins> sample parameters could include action=user uid=0 newUser[Username]=attacker1 newUser[Password]=Password1234 conf_password=Password1234 newUser[System]=Edit (among others). (CVE-2017-5368)
19:05:08 <DavidWHodgins> A file disclosure and inclusion vulnerability exists in web/views/file.php in ZoneMinder 1.x through v1.30.0 because of unfiltered user-input being passed to readfile(), which allows an authenticated attacker to read local system files (e.g., /etc/passwd) in the context of the web server user (www-data). The attack vector is a .. (dot dot) in the path parameter within a zm/index.php?view=file&path= request. (CVE-2017-5595)
19:05:10 <DavidWHodgins> A Cross-Site Scripting (XSS) was discovered in ZoneMinder 1.30.2. The vulnerability exists due to insufficient filtration of user-supplied data (postLoginQuery) passed to the "ZoneMinder-master/web/skins/classic/views/js/postlogin.js.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. (CVE-2017-7203)
19:05:11 <DavidWHodgins> Notes for sysadmins:
19:05:13 <DavidWHodgins> 1. CRSF attacks are now blocked by setting the ZoneMinder variable 'ENABLE_CSRF_MAGIC' to 'yes'. During system update you may want to check that this variable is set. In Mageia 'yes' is the default for new installs of ZoneMInder.
19:05:14 <DavidWHodgins> 2. Changes have been made to /etc/httpd/conf/site.d/zoneminder.conf to mitigate CVE-2016-10140. Make sure to accept the new configuration when updating existing systems.
19:05:16 <DavidWHodgins> Oops
19:05:17 <DavidWHodgins> #undo
19:05:17 <Inigo_Montoya> Removing item from minutes: <MeetBot.items.Topic object at 0xb674f12c>
19:05:19 <DavidWHodgins> #topic * Who's new? - If you are then come and say hello.
19:05:24 <wilcal> gracious
19:05:28 <DavidWHodgins> :-)
19:05:48 <DavidWHodgins> So, anyone here who has not been to a qa team irc meeting before?
19:06:07 <DavidWHodgins> Doesn't look like it
19:06:21 <DavidWHodgins> #topic * Mageia 6 rc - Release as is, or wait for more bug fixes?
19:06:36 <wilcal> I have a question
19:06:43 <DavidWHodgins> Go ahead
19:07:05 <lewyssmith> Personally, without having attempted what will be mamoth upgrade, I have no serious complaints about rc.
19:07:23 <wilcal> Today I broiught up LiveDVD, x86_64, Plasma and got the log in screen and it asked for a password. What is the password and should the LiveDVD do that?
19:07:47 <tarazed> The nvidia problems are troubling.
19:07:48 <DavidWHodgins> The password is empty
19:07:54 <wilcal> yes
19:08:16 <wilcal> I've seen this in the passed occasionally
19:08:20 <DavidWHodgins> Does the nvidia problem have a workaround that a relatively non-tech user could use?
19:08:38 <lewyssmith> tarazed: Yes, that and TJ' s Intel video upgrade one. For upgrades only, I think.
19:08:46 <tarazed> Not sure about non-tech but it is easy to do.
19:09:08 <lewyssmith> Charles's post (then TJ's) was quite succint.
19:09:11 <DavidWHodgins> What's involved? I only have radeon graphics here
19:09:54 <wilcal> I executed a Vbox netinstall yesterday and that went very very well
19:09:58 <DavidWHodgins> Ah. The dkms build not running on boot
19:09:59 <tarazed> You have to enable the auto-updater (?) at the desktop and re-install nvidia then reboot.
19:10:25 <lewyssmith> DavidWHodgins: Yes, that is what Charles said.
19:10:26 <DavidWHodgins> Which won't work for live iso booting, since the changes will not be kept
19:10:47 <tarazed> I have not seen Charles's staright install issue, yet.
19:11:07 <lewyssmith> His post was about an *upgrade*.
19:11:35 <lewyssmith> Perfect except the re-boot baulked; which others have suffered.
19:11:57 <DavidWHodgins> Still, that one looks serious enough to change my mind about recommending releasing the rc iso images as is
19:12:07 <tarazed> The initial problem was with upgrades but ne now says that it affects straight installs as well. ?
19:12:17 <krisNL> changes on the lives are being kept after install, it is an aoverlay filesystem
19:12:22 <krisNL> overlay
19:12:33 <lewyssmith> DavidWHodgins: I gave you the bug numbers.
19:12:45 <DavidWHodgins> Yes, just looking at them
19:12:49 <tarazed> Martin is working on a fix.
19:13:08 <DavidWHodgins> krisNL: No, that's not true. Booting from a live iso does not alter the hard drives in any way
19:13:10 <lewyssmith> This is Classic - Upgrade only, not Lives.
19:13:39 <krisNL> hard drives? nvidia?
19:13:45 <lewyssmith> I think Chris meant after installing.
19:14:08 <krisNL> yes, thats what i meant to say
19:14:20 <DavidWHodgins> The overlay uses a ram disk on top of the iso image. The iso image is read only
19:14:35 <DavidWHodgins> The ram disk contents are lost on reboot
19:14:46 <tarazed> Retraction - Charles says that nvidia is not being loaded on Cauldron after new kernels installed.
19:14:51 <krisNL> nope, it's a virtual read-write above
19:15:09 <lewyssmith> Some things *are* preserved from Live use -> install.I have seen comments that say so.
19:15:18 <DavidWHodgins> The iso image can be running from a dvd. It's read only.
19:15:35 <krisNL> after install to hdd, david
19:15:40 <DavidWHodgins> lewyssmith: Yes, if the system is installed to the hard drive.
19:15:58 <lewyssmith> That is what we mean.
19:16:05 <DavidWHodgins> Does the problem affect booting in live mode, or only after booting to a system installed from the live?
19:16:30 <wilcal> I've made simple changes to the LiveDVD desktop and that sticks upon install and reboot
19:17:14 <DavidWHodgins> Agreed. Changes made in live mode, are kept if the install to hard disk is done. Not if rebooting into the live iso again.
19:17:33 <lewyssmith> Bugs 20796 & 20810.
19:18:18 <lewyssmith> Charles: On reboot I did hit [Bug 20796] which means the nvidia module was not
19:18:18 <lewyssmith> built during boot.
19:18:19 <[mbot> Bug https://bugs.mageia.org/show_bug.cgi?id=20796 major, release_blocker, isobuild, NEW , proprietary nvidia graphics driver cannot be installed during or after an upgrade
19:19:02 <lewyssmith> wilcal: Bill, what about printer problems?
19:19:41 <wilcal> Sorry I've got to get back to that. I promise to do that this weekend or earlier
19:19:56 <lewyssmith> Are they stopper for freeing RC?
19:20:20 <DavidWHodgins> No. They are a blocker for final, but not for rc,
19:20:58 <wilcal> https://bugs.mageia.org/show_bug.cgi?id=17593
19:20:59 <[mbot> Bug 17593: normal, release_blocker, pkg-bugs, NEW , system-config-printer doesn't discover some USB connected printers, system-config-printer-1.5.7-1.mga6
19:21:12 <DavidWHodgins> We need to get the rc out very soon. Both to keep the community involved, and to find bugs that we don't have the hardware or setups needed to find
19:21:17 <wilcal> should not hold up rc
19:21:47 <DavidWHodgins> But the graphics problems are serious enough to block the rc, in my opinion
19:21:57 <lewyssmith> The two video upgrade bugs, users could be warned NOT to attempt upgrades.
19:22:05 <wilcal> I completely agree. The little green windows thingy is fixed and I'm for releasing the rc for wider testing
19:22:11 <wilcal> ASAP
19:22:36 <lewyssmith> Not that we are short of bugs on M6...
19:23:04 <wilcal> 99% of everyone is committed to making sure the M5 -> M6 upgrade thing works. I'm the 1%
19:23:16 <DavidWHodgins> Does anyone disagree that bug 20810 and bug 20796 should block the rc release?
19:23:17 <[mbot> Bug https://bugs.mageia.org/show_bug.cgi?id=20810 critical, release_blocker, isobuild, NEW , After an upgrade from Mageia5->6, the first boot "hangs" with a black screen
19:23:56 <tarazed> Given that nouveau drops in when nvidia fails the systems can still be tested at some level.
19:24:40 <lewyssmith> So long as users are told *not* to upgrade (without backup), they could pass IMHO.
19:24:53 <wilcal> Does that all work if your using Gnome or Xfce?
19:25:07 <lewyssmith> tarazed: I thought re-booted upgraded systems were unusable.
19:25:08 <DavidWHodgins> Does bug 20796 stop graphics from working, or just force the use of the open source driver with less features?
19:25:09 <[mbot> Bug https://bugs.mageia.org/show_bug.cgi?id=20796 major, release_blocker, isobuild, NEW , proprietary nvidia graphics driver cannot be installed during or after an upgrade
19:25:50 <lewyssmith> What I have seen (reports), the result is not usable without command line tweaking.
19:26:06 <tarazed> lewis: Some are unusable but in general they should work.  I have  an idiosyncratic hardware combination.
19:26:23 <DavidWHodgins> That's to get the proprietary driver installed. My question is does X work without it?
19:26:34 <krisNL> is this upgrade nvidia issue a problem of the ci iso build or a dkms or something else?
19:26:36 <hviaene> wilcal: I did an upgrade on a M5 Xfce, but that didn't out well. I'dd to search the pad
19:26:41 <lewyssmith> Charles & TJ (+others?) feedback was worse.
19:26:44 <tarazed> In neaarly all cases I think it does.
19:27:06 <DavidWHodgins> X does work?
19:27:12 <wilcal> This M5 -> M6 upgrade is probably the most difficult we've done
19:27:24 <lewyssmith> krisNL: I think it a dkms thingy.
19:27:28 <tarazed> Yes, as I said, for most hardware.
19:27:40 <DavidWHodgins> wilcal: Not compared to the /bin move to /usr/bin/ :-)
19:27:53 <tarazed> krisnl: yes, dkms is involved.
19:28:34 <krisNL> thx, then I'm confident that Martin will fix it :)
19:28:42 <lewyssmith> I would like to try my mamoth upgrade before RC release, but it will take time.
19:28:58 <wilcal> Also https://forums.mageia.org/en/ being down is an M6 release blocker in itself
19:29:12 <lewyssmith> ATI video, so the 2 bugs not involved.
19:29:34 <lewyssmith> wilcal: And the blog?
19:29:46 <DavidWHodgins> wilcal: Blocker for final perhaps, not for rc release.
19:29:47 <tarazed> lewis: so you may not get much sleep tonight.
19:29:54 <wilcal> I agree with that
19:29:58 <lewyssmith> Yes I will!
19:30:20 <lewyssmith> I have been at it all day with emails, wikis, updates.
19:30:28 <wilcal> I thought the only thing left for the sysadmins was the forums
19:30:45 <lewyssmith> No: I think the wiki images are screwed.
19:31:07 <wilcal> http://blog.mageia.org/en/ is alive
19:31:08 <[mbot> [ Mageia Blog (English) | The community Linux distribution ]
19:32:10 <DavidWHodgins> My opinion right now, is that the rc iso images should be held until bug 20796 is fixed. As to bug 20810, I suspect that is hardware dependent, so I don't think that one should block the rc release, as more testing would be helpful.
19:32:12 <[mbot> Bug https://bugs.mageia.org/show_bug.cgi?id=20796 major, release_blocker, isobuild, NEW , proprietary nvidia graphics driver cannot be installed during or after an upgrade
19:32:13 <[mbot> Bug https://bugs.mageia.org/show_bug.cgi?id=20810 critical, release_blocker, isobuild, NEW , After an upgrade from Mageia5->6, the first boot "hangs" with a black screen
19:32:40 <DavidWHodgins> Does anyone disgree?
19:32:44 <lewyssmith> Shall we wait until Monday for somethig to advance, then decide?
19:32:52 <DavidWHodgins> s /disgree/disagree/
19:33:04 <wilcal> Both have to do with upgrade and that should not hold up rc
19:33:08 <tarazed> Urr.
19:33:10 <lewyssmith> Otherwise I am easy.
19:33:26 <wilcal> Gotta get this out there
19:33:29 <tarazed> Tending to agree to release.
19:33:52 <lewyssmith> It seems possible with suitale ERRATA.
19:33:55 <wilcal> Big step here today on M6 to kick the rc out the door
19:34:42 <DavidWHodgins> Looks like I'm in the minority here, thinking we should have at least one more build
19:35:28 <lewyssmith> Depends on how soon. Just the Classic? Are happy with the Lives? If so, *they* could go out first.
19:35:43 <lewyssmith> Like now.
19:35:46 <krisNL> release the lives
19:35:53 <lewyssmith> Thanks!
19:36:09 <lewyssmith> That will give the community plenty to chew.
19:36:11 <tarazed> Yes.  Send them out.
19:36:44 <lewyssmith> DavidWHodgins: What do you say to that?
19:37:01 <wilcal> Out the door
19:37:06 <DavidWHodgins> Ok, so options are: 1 - Hold until bug 20796 is fixed. 2 - Release all rc iso images now. 3. Release just the lives now.
19:37:06 <krisNL> is it a problem right now that the whole gnome stack is in the process of updating?
19:37:13 <tarazed> And what about pretesting.  Thinking of a new iso suddenly appearing.
19:37:16 <DavidWHodgins> Let's vote. Option 1, 2 or 3?
19:37:20 <lewyssmith> It looks a good compromise between immediacy & prudence.
19:37:21 <DavidWHodgins> I vote 3.
19:37:29 <krisNL> 3
19:37:39 <lewyssmith> What are th options, soory?
19:37:41 <hviaene> 3
19:37:43 <tarazed> 2
19:37:50 <LpSolit> 2
19:37:52 <DavidWHodgins> lewyssmith:  options are: 1 - Hold until bug 20796 is fixed. 2 - Release all rc iso images now. 3. Release just the lives now.
19:37:54 <[mbot> Bug https://bugs.mageia.org/show_bug.cgi?id=20796 major, release_blocker, isobuild, NEW , proprietary nvidia graphics driver cannot be installed during or after an upgrade
19:37:59 <lewyssmith> 3
19:38:40 <lewyssmith> We can always follow any day with the Classics, bugged or not.
19:38:54 <lewyssmith> Hello Ben.
19:39:01 <krisNL> wilcal: whats your vote?
19:39:02 <DavidWHodgins> That it? 4 votes for live only, 2 votes for all? Any other voters?
19:39:18 <lewyssmith> DavidWHodgins: Plese repeat the options for Ben.
19:39:28 <DavidWHodgins> Options are: 1 - Hold until bug 20796 is fixed. 2 - Release all rc iso images now. 3. Release just the lives now.
19:39:56 <DavidWHodgins> Option 3 includes holding the classics images till that bug is fixed.
19:40:17 <lewyssmith> It only concerns upgrades.
19:40:27 <Benmc> Lewis, Good morning
19:40:35 <lewyssmith> Vote, Ben!
19:40:45 <Benmc> 3
19:41:32 <lewyssmith> 5:2 for option 3 is fair.
19:41:35 <DavidWHodgins> Not many participants today, but vote seems to be release live iso images now, hold classic till dkms problem on upgrades solved
19:42:01 <DavidWHodgins> I'll let the council know in the mailing list
19:42:16 <wilcal> Sounds like a plan
19:42:23 <lewyssmith> And that the Release notes mention the XFCE Lives - essntial.
19:42:44 <DavidWHodgins> #info qa team votes to release live iso images now, hold classic till dkms problem on upgrades solved
19:43:26 <DavidWHodgins> Anything else anyone would like to discuss about Mageia 6 before we move to the next topic?
19:43:51 <wilcal> Just the password request thing on the LiveDVD
19:44:10 <lewyssmith> Yes: no more ISO releases for RC other than Classics.
19:44:31 <krisNL> password request?
19:44:40 <DavidWHodgins> The live iso image should boot directly to the desktop. If you logout/in after booting it, the user is "live" with the password blank
19:45:14 <DavidWHodgins> It shouldn't be showing the login screen on boot
19:45:15 <krisNL> they do boot to the desktop, no?
19:45:29 <wilcal> Ya didn't work today. Blank took me back to the log in page. I'll work on it
19:45:57 <DavidWHodgins> wilcal: Is that booting from the live iso, or booting after installing to hard drive?
19:47:14 <Pharaoh_Atem> I have to say, the m6 classic dvd worked wonderfully for me, except for one thing
19:47:22 <wilcal> From a USB stick
19:47:26 <Pharaoh_Atem> apparently dnf and dnf-plugins-core were not installed by default
19:47:32 <wilcal> LiveDVD
19:47:36 <Pharaoh_Atem> they're supposed to, like they are on the live media
19:48:09 <lewyssmith> Pharaoh_Atem: I found they got installed if needed to add something else.
19:48:37 <lewyssmith> like playing with MCC shares.
19:48:47 <DavidWHodgins> Wait a sec. Back to whether or not to release the live iso images. I just remembered, yesterday's kernel update was a very high priority security update. Perhaps we should ask for a rebuild of the live iso images to include the fixes for bug 20747
19:48:48 <[mbot> Bug https://bugs.mageia.org/show_bug.cgi?id=20747 normal, Normal, qa-bugs, RESOLVED FIXED, Update request: kernel-4.4.65-1.mga5, kernel
19:49:01 <Pharaoh_Atem> lewyssmith: well, dnfdragora was also missing, which was odd
19:49:03 <krisNL> wilcal: you might have a usb stick problem or a usb port problem
19:49:09 <lewyssmith> Pharaoh_Atem: ut raise a bug if it matters for final release.
19:49:13 <Pharaoh_Atem> okay
19:50:24 <lewyssmith> DavidWHodgins: Martin at least has said he can produce new Live ISOs rapidly.
19:51:06 <DavidWHodgins> What does everyone think about asking for another build to include the latest kernel fix? It fixes an exploitable kernel bug
19:51:12 <lewyssmith> I cannot jusge. would updating the installed system not pull it in, the new kernel?
19:51:32 <wilcal> If we can get them out there for this weeked for testing that would be great
19:51:39 <lewyssmith> If so, recommend doing that.
19:51:41 <DavidWHodgins> It would, but would leave people booting in live mode vulnerable
19:52:09 <lewyssmith> For how long?
19:52:19 <krisNL> is the 4.9.x cauldron kernel affected as well?
19:52:30 <DavidWHodgins> For as long as they are running in live mode
19:52:34 <hviaene> On a read-only system?
19:52:37 <DavidWHodgins> krisNL: It's fixed in caludron
19:53:01 <DavidWHodgins> Once exploited, it could be used to modify things on the hard drive
19:53:44 <lewyssmith> Ask Martin.
19:54:04 <Benmc> this could become an endless loop, waiting for an ideal kernel before release
19:54:24 <lewyssmith> Agree. Cannot judge the risk.
19:55:28 <lewyssmith> Once again, ERRATA could warn & advise. Install& update ASAP.
19:55:32 <krisNL> martin can build new isos with the fixed kerbel
19:55:38 <krisNL> kernel
19:55:58 <lewyssmith> [We guessed]!
19:56:25 <hviaene> And release without any testing here?
19:56:44 <DavidWHodgins> Just reviewing the exploit. Not sure yet if it's remotely exploitable, or only for local users
19:57:14 <lewyssmith> hviaene: Herman, We would have to rush through it.
19:57:46 <lewyssmith> Let us await Dave's conclusion.
19:58:10 <hviaene> That's a doubtfull thing to do
19:58:31 <DavidWHodgins> Ok. Looks like it's only for unprivelged users that already have access to the system, so not remotely exploitable
19:58:50 <lewyssmith> Agree normally; but if it is *just* the kernel updated, not so dicey. If it was loads of pkgs - forget.
19:59:00 <DavidWHodgins> So not worth rebuilding the live iso images just for that.
19:59:10 <krisNL> we can happily go on testing another 6 months , and call it URR, unstable rolling release
19:59:11 <lewyssmith> Hooray!
19:59:26 <lewyssmith> That was to Dave.
19:59:36 <wilcal> Looks like this thing is going to push into eary June for final release
19:59:38 <DavidWHodgins> So the previous vote stands. I'll ask council to go ahead and release the live iso images
20:00:05 <DavidWHodgins> Let's move on to the next topic. :-)
20:00:08 <krisNL> DavidWHodgins: :)
20:00:19 <DavidWHodgins> #topic * Testing updates - Any difficulties, problems, issues?
20:00:53 <DavidWHodgins> The list isn't too bad http://madb.mageia.org/tools/updates
20:00:54 <lewyssmith> We are doing well keeping the list under control (esp Herman & Len).
20:00:55 <[mbot> [ Mageia App Db - Current Update candidates ]
20:01:17 <lewyssmith> But thanks Dave for your npd test.
20:01:31 <DavidWHodgins> Looks like Luigi12 has been busy though, so several new ones yesterday and today
20:02:03 <lewyssmith> 5 security, all unknown to me except Bills's favourite Flash.
20:02:14 <DavidWHodgins> mhonarc is one I don't remember seeing before, so will have to dig into
20:02:36 <wilcal> Todays Flash Player update ( 148 ) didn't work. The one in updates testing is the latest ( 171 )
20:02:49 <DavidWHodgins> zoneminder, I've tested before. I do have a security camera I can use for testing it, though I don't normally use that camera
20:02:53 <wilcal> Hard to keep up with the typhoon of Flash updates
20:03:07 <lewyssmith> Can anyone recommend a decent site to try Flash - other than YouTube (= Google)?
20:03:34 <wilcal> Google flash games
20:03:47 <lewyssmith> Not Google, please. Anything else.
20:03:52 <DavidWHodgins> Also http://www.adobe.com/software/flash/about
20:03:54 <[mbot> [ Adobe - Flash Player ]
20:04:39 <lewyssmith> If that works (it does), does that suffice?
20:04:44 <DavidWHodgins> Version 171 is working here on x86_64. I'll test it on i586 (under vb) after the meeting
20:04:44 <wilcal> Not admitting anything here but the most sensitive flash performance sites are the live adult video sites
20:04:46 <hviaene> Internet radio's . Athough I m not sure they'll still with flash
20:05:04 <DavidWHodgins> lewyssmith: yes, unless other problems found. Luckily flash is finally starting to die
20:05:18 <wilcal> If you don't have the latest flash they'll crash and fold or not work at all
20:05:26 <hviaene> www.classicalmusicamerica.com
20:05:39 <hviaene> www.classiccomposers.org
20:05:45 <DavidWHodgins> Depends on the site. Some sites will not work unless latest version is being used, some will.
20:06:13 <wilcal> That's all recorded media flash is pressed the most with streaming video which is it's last cornered market
20:06:26 <wilcal> live streaming video
20:06:50 <DavidWHodgins> The other security updates are all packages I don't recall seeing before so will have to dig to figure out how to test them
20:07:14 <tarazed> Voices of Music but that points to Youtube.
20:07:50 <DavidWHodgins> This meeting is taking too long. :-)
20:07:52 <DavidWHodgins> #topic * Anything else?
20:07:54 <wilcal> most of the time YouTube is going to default to HTML5
20:08:03 <lewyssmith> What I thought.
20:08:05 <wilcal> I'm done
20:08:06 <DavidWHodgins> Does anyone have anthing else to discuss?
20:08:17 <hviaene> No, not here
20:08:17 <lewyssmith> Not ow, thank you.
20:08:29 <krisNL> thanks, david
20:08:31 <wilcal> Note. Mozilla is locking out Flash as a plug-in in Jan 2018
20:08:38 <wilcal> that's the plan
20:08:39 <DavidWHodgins> wilcal: Yeah!
20:09:06 <wilcal> Apple locked out flash like it was never allowed
20:09:07 <DavidWHodgins> Flash has always been a security nightmare
20:09:15 <lewyssmith> http://www.adobe.com/software/flash/about is good, it leads to demo content.
20:09:17 <[mbot> [ Adobe - Flash Player ]
20:09:25 <hviaene> G'night all
20:09:32 <lewyssmith> Same here.
20:09:34 <DavidWHodgins> Countdown time
20:09:36 <DavidWHodgins> 5
20:09:36 <wilcal> Again all recorded non-time dependent content
20:09:40 <DavidWHodgins> 4
20:09:42 <wilcal> bye all
20:09:44 <DavidWHodgins> 3
20:09:47 <DavidWHodgins> 2
20:09:49 <DavidWHodgins> 1
20:09:52 <lewyssmith> Goosbyre everyone. Good lively productive meeting.
20:09:56 <DavidWHodgins> Thanks for coming everyone!
20:10:00 <DavidWHodgins> #endmeeting