19:04:17 <DavidWHodgins> #startmeeting 19:04:17 <Inigo_Montoya> Meeting started Thu May 11 19:04:17 2017 UTC. The chair is DavidWHodgins. Information about MeetBot at http://wiki.debian.org/MeetBot. 19:04:17 <Inigo_Montoya> Useful Commands: #action #agreed #help #info #idea #link #topic. 19:04:19 <lewyssmith> I saw the problem. See my comment 17 - but you have! 19:04:38 <DavidWHodgins> #chair wilcal tarazed lewyssmith 19:04:38 <Inigo_Montoya> Current chairs: DavidWHodgins lewyssmith tarazed wilcal 19:04:43 <DavidWHodgins> #topic 19:04:44 <DavidWHodgins> This update fixes the following security issues: 19:04:46 <DavidWHodgins> Information disclosure and authentication bypass vulnerability exists in the Apache HTTP Server 19:04:47 <DavidWHodgins> configuration bundled with ZoneMinder v1.30 and v1.29, which allows a remote unauthenticated attacker 19:04:49 <DavidWHodgins> to browse all directories in the web root, e.g., a remote unauthenticated attacker can view all CCTV 19:04:50 <DavidWHodgins> images on the server via the /events URI. (CVE-2016-10140) 19:04:52 <DavidWHodgins> Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and earlier allows remote attackers to inject arbitrary web script or HTML via the format parameter in a download log request to index.php. (CVE-2016-10201) 19:04:53 <DavidWHodgins> Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and earlier allows remote attackers to inject arbitrary web script or HTML via the path info to index.php. (CVE-2016-10202) 19:04:55 <DavidWHodgins> Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and earlier allows remote attackers to inject arbitrary web script or HTML via the name when creating a new monitor. (CVE-2016-10203) 19:04:56 <DavidWHodgins> 19:04:58 <DavidWHodgins> SQL injection vulnerability in Zoneminder 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the limit parameter in a log query request to index.php. (CVE-2016-10204) 19:04:59 <DavidWHodgins> Session fixation vulnerability in Zoneminder 1.30 and earlier allows remote attackers to hijack web sessions via the ZMSESSID cookie. (CVE-2016-10205) 19:05:01 <DavidWHodgins> Cross-site request forgery (CSRF) vulnerability in Zoneminder 1.30 and earlier allows remote attackers to hijack the authentication of users for requests that change passwords and possibly have unspecified other impact as demonstrated by a crafted user action request to index.php. (CVE-2016-10206) 19:05:02 <DavidWHodgins> Multiple reflected XSS vulnerabilities exist within form and link input parameters of ZoneMinder v1.30 and v1.29, an open-source CCTV server web application, which allows a remote attacker to execute malicious scripts within an authenticated client's browser. The URL is /zm/index.php and sample parameters could include action=login&view=postlogin[XSS] view=console[XSS] view=groups[XSS] view=events&filter[terms][1][cnj]=and[XSS] 19:05:04 <DavidWHodgins> view=events&filter%5Bterms%5D%5B1%5D%5Bcnj%5D=and[XSS] view=events&filter%5Bterms%5D%5B1%5D%5Bcnj%5D=[XSS]and view=events&limit=1%22%3E%3C/a%3E[XSS] (among others). (CVE-2017-5367) 19:05:05 <DavidWHodgins> ZoneMinder v1.30 and v1.29, an open-source CCTV server web application, is vulnerable to CSRF (Cross Site Request Forgery) which allows a remote attack to make changes to the web application as the current logged in victim. If the victim visits a malicious web page, the attacker can silently and automatically create a new admin user within the web application for remote persistence and further attacks. The URL is /zm/index.php and 19:05:07 <DavidWHodgins> sample parameters could include action=user uid=0 newUser[Username]=attacker1 newUser[Password]=Password1234 conf_password=Password1234 newUser[System]=Edit (among others). (CVE-2017-5368) 19:05:08 <DavidWHodgins> A file disclosure and inclusion vulnerability exists in web/views/file.php in ZoneMinder 1.x through v1.30.0 because of unfiltered user-input being passed to readfile(), which allows an authenticated attacker to read local system files (e.g., /etc/passwd) in the context of the web server user (www-data). The attack vector is a .. (dot dot) in the path parameter within a zm/index.php?view=file&path= request. (CVE-2017-5595) 19:05:10 <DavidWHodgins> A Cross-Site Scripting (XSS) was discovered in ZoneMinder 1.30.2. The vulnerability exists due to insufficient filtration of user-supplied data (postLoginQuery) passed to the "ZoneMinder-master/web/skins/classic/views/js/postlogin.js.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. (CVE-2017-7203) 19:05:11 <DavidWHodgins> Notes for sysadmins: 19:05:13 <DavidWHodgins> 1. CRSF attacks are now blocked by setting the ZoneMinder variable 'ENABLE_CSRF_MAGIC' to 'yes'. During system update you may want to check that this variable is set. In Mageia 'yes' is the default for new installs of ZoneMInder. 19:05:14 <DavidWHodgins> 2. Changes have been made to /etc/httpd/conf/site.d/zoneminder.conf to mitigate CVE-2016-10140. Make sure to accept the new configuration when updating existing systems. 19:05:16 <DavidWHodgins> Oops 19:05:17 <DavidWHodgins> #undo 19:05:17 <Inigo_Montoya> Removing item from minutes: <MeetBot.items.Topic object at 0xb674f12c> 19:05:19 <DavidWHodgins> #topic * Who's new? - If you are then come and say hello. 19:05:24 <wilcal> gracious 19:05:28 <DavidWHodgins> :-) 19:05:48 <DavidWHodgins> So, anyone here who has not been to a qa team irc meeting before? 19:06:07 <DavidWHodgins> Doesn't look like it 19:06:21 <DavidWHodgins> #topic * Mageia 6 rc - Release as is, or wait for more bug fixes? 19:06:36 <wilcal> I have a question 19:06:43 <DavidWHodgins> Go ahead 19:07:05 <lewyssmith> Personally, without having attempted what will be mamoth upgrade, I have no serious complaints about rc. 19:07:23 <wilcal> Today I broiught up LiveDVD, x86_64, Plasma and got the log in screen and it asked for a password. What is the password and should the LiveDVD do that? 19:07:47 <tarazed> The nvidia problems are troubling. 19:07:48 <DavidWHodgins> The password is empty 19:07:54 <wilcal> yes 19:08:16 <wilcal> I've seen this in the passed occasionally 19:08:20 <DavidWHodgins> Does the nvidia problem have a workaround that a relatively non-tech user could use? 19:08:38 <lewyssmith> tarazed: Yes, that and TJ' s Intel video upgrade one. For upgrades only, I think. 19:08:46 <tarazed> Not sure about non-tech but it is easy to do. 19:09:08 <lewyssmith> Charles's post (then TJ's) was quite succint. 19:09:11 <DavidWHodgins> What's involved? I only have radeon graphics here 19:09:54 <wilcal> I executed a Vbox netinstall yesterday and that went very very well 19:09:58 <DavidWHodgins> Ah. The dkms build not running on boot 19:09:59 <tarazed> You have to enable the auto-updater (?) at the desktop and re-install nvidia then reboot. 19:10:25 <lewyssmith> DavidWHodgins: Yes, that is what Charles said. 19:10:26 <DavidWHodgins> Which won't work for live iso booting, since the changes will not be kept 19:10:47 <tarazed> I have not seen Charles's staright install issue, yet. 19:11:07 <lewyssmith> His post was about an *upgrade*. 19:11:35 <lewyssmith> Perfect except the re-boot baulked; which others have suffered. 19:11:57 <DavidWHodgins> Still, that one looks serious enough to change my mind about recommending releasing the rc iso images as is 19:12:07 <tarazed> The initial problem was with upgrades but ne now says that it affects straight installs as well. ? 19:12:17 <krisNL> changes on the lives are being kept after install, it is an aoverlay filesystem 19:12:22 <krisNL> overlay 19:12:33 <lewyssmith> DavidWHodgins: I gave you the bug numbers. 19:12:45 <DavidWHodgins> Yes, just looking at them 19:12:49 <tarazed> Martin is working on a fix. 19:13:08 <DavidWHodgins> krisNL: No, that's not true. Booting from a live iso does not alter the hard drives in any way 19:13:10 <lewyssmith> This is Classic - Upgrade only, not Lives. 19:13:39 <krisNL> hard drives? nvidia? 19:13:45 <lewyssmith> I think Chris meant after installing. 19:14:08 <krisNL> yes, thats what i meant to say 19:14:20 <DavidWHodgins> The overlay uses a ram disk on top of the iso image. The iso image is read only 19:14:35 <DavidWHodgins> The ram disk contents are lost on reboot 19:14:46 <tarazed> Retraction - Charles says that nvidia is not being loaded on Cauldron after new kernels installed. 19:14:51 <krisNL> nope, it's a virtual read-write above 19:15:09 <lewyssmith> Some things *are* preserved from Live use -> install.I have seen comments that say so. 19:15:18 <DavidWHodgins> The iso image can be running from a dvd. It's read only. 19:15:35 <krisNL> after install to hdd, david 19:15:40 <DavidWHodgins> lewyssmith: Yes, if the system is installed to the hard drive. 19:15:58 <lewyssmith> That is what we mean. 19:16:05 <DavidWHodgins> Does the problem affect booting in live mode, or only after booting to a system installed from the live? 19:16:30 <wilcal> I've made simple changes to the LiveDVD desktop and that sticks upon install and reboot 19:17:14 <DavidWHodgins> Agreed. Changes made in live mode, are kept if the install to hard disk is done. Not if rebooting into the live iso again. 19:17:33 <lewyssmith> Bugs 20796 & 20810. 19:18:18 <lewyssmith> Charles: On reboot I did hit [Bug 20796] which means the nvidia module was not 19:18:18 <lewyssmith> built during boot. 19:18:19 <[mbot> Bug https://bugs.mageia.org/show_bug.cgi?id=20796 major, release_blocker, isobuild, NEW , proprietary nvidia graphics driver cannot be installed during or after an upgrade 19:19:02 <lewyssmith> wilcal: Bill, what about printer problems? 19:19:41 <wilcal> Sorry I've got to get back to that. I promise to do that this weekend or earlier 19:19:56 <lewyssmith> Are they stopper for freeing RC? 19:20:20 <DavidWHodgins> No. They are a blocker for final, but not for rc, 19:20:58 <wilcal> https://bugs.mageia.org/show_bug.cgi?id=17593 19:20:59 <[mbot> Bug 17593: normal, release_blocker, pkg-bugs, NEW , system-config-printer doesn't discover some USB connected printers, system-config-printer-1.5.7-1.mga6 19:21:12 <DavidWHodgins> We need to get the rc out very soon. Both to keep the community involved, and to find bugs that we don't have the hardware or setups needed to find 19:21:17 <wilcal> should not hold up rc 19:21:47 <DavidWHodgins> But the graphics problems are serious enough to block the rc, in my opinion 19:21:57 <lewyssmith> The two video upgrade bugs, users could be warned NOT to attempt upgrades. 19:22:05 <wilcal> I completely agree. The little green windows thingy is fixed and I'm for releasing the rc for wider testing 19:22:11 <wilcal> ASAP 19:22:36 <lewyssmith> Not that we are short of bugs on M6... 19:23:04 <wilcal> 99% of everyone is committed to making sure the M5 -> M6 upgrade thing works. I'm the 1% 19:23:16 <DavidWHodgins> Does anyone disagree that bug 20810 and bug 20796 should block the rc release? 19:23:17 <[mbot> Bug https://bugs.mageia.org/show_bug.cgi?id=20810 critical, release_blocker, isobuild, NEW , After an upgrade from Mageia5->6, the first boot "hangs" with a black screen 19:23:56 <tarazed> Given that nouveau drops in when nvidia fails the systems can still be tested at some level. 19:24:40 <lewyssmith> So long as users are told *not* to upgrade (without backup), they could pass IMHO. 19:24:53 <wilcal> Does that all work if your using Gnome or Xfce? 19:25:07 <lewyssmith> tarazed: I thought re-booted upgraded systems were unusable. 19:25:08 <DavidWHodgins> Does bug 20796 stop graphics from working, or just force the use of the open source driver with less features? 19:25:09 <[mbot> Bug https://bugs.mageia.org/show_bug.cgi?id=20796 major, release_blocker, isobuild, NEW , proprietary nvidia graphics driver cannot be installed during or after an upgrade 19:25:50 <lewyssmith> What I have seen (reports), the result is not usable without command line tweaking. 19:26:06 <tarazed> lewis: Some are unusable but in general they should work. I have an idiosyncratic hardware combination. 19:26:23 <DavidWHodgins> That's to get the proprietary driver installed. My question is does X work without it? 19:26:34 <krisNL> is this upgrade nvidia issue a problem of the ci iso build or a dkms or something else? 19:26:36 <hviaene> wilcal: I did an upgrade on a M5 Xfce, but that didn't out well. I'dd to search the pad 19:26:41 <lewyssmith> Charles & TJ (+others?) feedback was worse. 19:26:44 <tarazed> In neaarly all cases I think it does. 19:27:06 <DavidWHodgins> X does work? 19:27:12 <wilcal> This M5 -> M6 upgrade is probably the most difficult we've done 19:27:24 <lewyssmith> krisNL: I think it a dkms thingy. 19:27:28 <tarazed> Yes, as I said, for most hardware. 19:27:40 <DavidWHodgins> wilcal: Not compared to the /bin move to /usr/bin/ :-) 19:27:53 <tarazed> krisnl: yes, dkms is involved. 19:28:34 <krisNL> thx, then I'm confident that Martin will fix it :) 19:28:42 <lewyssmith> I would like to try my mamoth upgrade before RC release, but it will take time. 19:28:58 <wilcal> Also https://forums.mageia.org/en/ being down is an M6 release blocker in itself 19:29:12 <lewyssmith> ATI video, so the 2 bugs not involved. 19:29:34 <lewyssmith> wilcal: And the blog? 19:29:46 <DavidWHodgins> wilcal: Blocker for final perhaps, not for rc release. 19:29:47 <tarazed> lewis: so you may not get much sleep tonight. 19:29:54 <wilcal> I agree with that 19:29:58 <lewyssmith> Yes I will! 19:30:20 <lewyssmith> I have been at it all day with emails, wikis, updates. 19:30:28 <wilcal> I thought the only thing left for the sysadmins was the forums 19:30:45 <lewyssmith> No: I think the wiki images are screwed. 19:31:07 <wilcal> http://blog.mageia.org/en/ is alive 19:31:08 <[mbot> [ Mageia Blog (English) | The community Linux distribution ] 19:32:10 <DavidWHodgins> My opinion right now, is that the rc iso images should be held until bug 20796 is fixed. As to bug 20810, I suspect that is hardware dependent, so I don't think that one should block the rc release, as more testing would be helpful. 19:32:12 <[mbot> Bug https://bugs.mageia.org/show_bug.cgi?id=20796 major, release_blocker, isobuild, NEW , proprietary nvidia graphics driver cannot be installed during or after an upgrade 19:32:13 <[mbot> Bug https://bugs.mageia.org/show_bug.cgi?id=20810 critical, release_blocker, isobuild, NEW , After an upgrade from Mageia5->6, the first boot "hangs" with a black screen 19:32:40 <DavidWHodgins> Does anyone disgree? 19:32:44 <lewyssmith> Shall we wait until Monday for somethig to advance, then decide? 19:32:52 <DavidWHodgins> s /disgree/disagree/ 19:33:04 <wilcal> Both have to do with upgrade and that should not hold up rc 19:33:08 <tarazed> Urr. 19:33:10 <lewyssmith> Otherwise I am easy. 19:33:26 <wilcal> Gotta get this out there 19:33:29 <tarazed> Tending to agree to release. 19:33:52 <lewyssmith> It seems possible with suitale ERRATA. 19:33:55 <wilcal> Big step here today on M6 to kick the rc out the door 19:34:42 <DavidWHodgins> Looks like I'm in the minority here, thinking we should have at least one more build 19:35:28 <lewyssmith> Depends on how soon. Just the Classic? Are happy with the Lives? If so, *they* could go out first. 19:35:43 <lewyssmith> Like now. 19:35:46 <krisNL> release the lives 19:35:53 <lewyssmith> Thanks! 19:36:09 <lewyssmith> That will give the community plenty to chew. 19:36:11 <tarazed> Yes. Send them out. 19:36:44 <lewyssmith> DavidWHodgins: What do you say to that? 19:37:01 <wilcal> Out the door 19:37:06 <DavidWHodgins> Ok, so options are: 1 - Hold until bug 20796 is fixed. 2 - Release all rc iso images now. 3. Release just the lives now. 19:37:06 <krisNL> is it a problem right now that the whole gnome stack is in the process of updating? 19:37:13 <tarazed> And what about pretesting. Thinking of a new iso suddenly appearing. 19:37:16 <DavidWHodgins> Let's vote. Option 1, 2 or 3? 19:37:20 <lewyssmith> It looks a good compromise between immediacy & prudence. 19:37:21 <DavidWHodgins> I vote 3. 19:37:29 <krisNL> 3 19:37:39 <lewyssmith> What are th options, soory? 19:37:41 <hviaene> 3 19:37:43 <tarazed> 2 19:37:50 <LpSolit> 2 19:37:52 <DavidWHodgins> lewyssmith: options are: 1 - Hold until bug 20796 is fixed. 2 - Release all rc iso images now. 3. Release just the lives now. 19:37:54 <[mbot> Bug https://bugs.mageia.org/show_bug.cgi?id=20796 major, release_blocker, isobuild, NEW , proprietary nvidia graphics driver cannot be installed during or after an upgrade 19:37:59 <lewyssmith> 3 19:38:40 <lewyssmith> We can always follow any day with the Classics, bugged or not. 19:38:54 <lewyssmith> Hello Ben. 19:39:01 <krisNL> wilcal: whats your vote? 19:39:02 <DavidWHodgins> That it? 4 votes for live only, 2 votes for all? Any other voters? 19:39:18 <lewyssmith> DavidWHodgins: Plese repeat the options for Ben. 19:39:28 <DavidWHodgins> Options are: 1 - Hold until bug 20796 is fixed. 2 - Release all rc iso images now. 3. Release just the lives now. 19:39:56 <DavidWHodgins> Option 3 includes holding the classics images till that bug is fixed. 19:40:17 <lewyssmith> It only concerns upgrades. 19:40:27 <Benmc> Lewis, Good morning 19:40:35 <lewyssmith> Vote, Ben! 19:40:45 <Benmc> 3 19:41:32 <lewyssmith> 5:2 for option 3 is fair. 19:41:35 <DavidWHodgins> Not many participants today, but vote seems to be release live iso images now, hold classic till dkms problem on upgrades solved 19:42:01 <DavidWHodgins> I'll let the council know in the mailing list 19:42:16 <wilcal> Sounds like a plan 19:42:23 <lewyssmith> And that the Release notes mention the XFCE Lives - essntial. 19:42:44 <DavidWHodgins> #info qa team votes to release live iso images now, hold classic till dkms problem on upgrades solved 19:43:26 <DavidWHodgins> Anything else anyone would like to discuss about Mageia 6 before we move to the next topic? 19:43:51 <wilcal> Just the password request thing on the LiveDVD 19:44:10 <lewyssmith> Yes: no more ISO releases for RC other than Classics. 19:44:31 <krisNL> password request? 19:44:40 <DavidWHodgins> The live iso image should boot directly to the desktop. If you logout/in after booting it, the user is "live" with the password blank 19:45:14 <DavidWHodgins> It shouldn't be showing the login screen on boot 19:45:15 <krisNL> they do boot to the desktop, no? 19:45:29 <wilcal> Ya didn't work today. Blank took me back to the log in page. I'll work on it 19:45:57 <DavidWHodgins> wilcal: Is that booting from the live iso, or booting after installing to hard drive? 19:47:14 <Pharaoh_Atem> I have to say, the m6 classic dvd worked wonderfully for me, except for one thing 19:47:22 <wilcal> From a USB stick 19:47:26 <Pharaoh_Atem> apparently dnf and dnf-plugins-core were not installed by default 19:47:32 <wilcal> LiveDVD 19:47:36 <Pharaoh_Atem> they're supposed to, like they are on the live media 19:48:09 <lewyssmith> Pharaoh_Atem: I found they got installed if needed to add something else. 19:48:37 <lewyssmith> like playing with MCC shares. 19:48:47 <DavidWHodgins> Wait a sec. Back to whether or not to release the live iso images. I just remembered, yesterday's kernel update was a very high priority security update. Perhaps we should ask for a rebuild of the live iso images to include the fixes for bug 20747 19:48:48 <[mbot> Bug https://bugs.mageia.org/show_bug.cgi?id=20747 normal, Normal, qa-bugs, RESOLVED FIXED, Update request: kernel-4.4.65-1.mga5, kernel 19:49:01 <Pharaoh_Atem> lewyssmith: well, dnfdragora was also missing, which was odd 19:49:03 <krisNL> wilcal: you might have a usb stick problem or a usb port problem 19:49:09 <lewyssmith> Pharaoh_Atem: ut raise a bug if it matters for final release. 19:49:13 <Pharaoh_Atem> okay 19:50:24 <lewyssmith> DavidWHodgins: Martin at least has said he can produce new Live ISOs rapidly. 19:51:06 <DavidWHodgins> What does everyone think about asking for another build to include the latest kernel fix? It fixes an exploitable kernel bug 19:51:12 <lewyssmith> I cannot jusge. would updating the installed system not pull it in, the new kernel? 19:51:32 <wilcal> If we can get them out there for this weeked for testing that would be great 19:51:39 <lewyssmith> If so, recommend doing that. 19:51:41 <DavidWHodgins> It would, but would leave people booting in live mode vulnerable 19:52:09 <lewyssmith> For how long? 19:52:19 <krisNL> is the 4.9.x cauldron kernel affected as well? 19:52:30 <DavidWHodgins> For as long as they are running in live mode 19:52:34 <hviaene> On a read-only system? 19:52:37 <DavidWHodgins> krisNL: It's fixed in caludron 19:53:01 <DavidWHodgins> Once exploited, it could be used to modify things on the hard drive 19:53:44 <lewyssmith> Ask Martin. 19:54:04 <Benmc> this could become an endless loop, waiting for an ideal kernel before release 19:54:24 <lewyssmith> Agree. Cannot judge the risk. 19:55:28 <lewyssmith> Once again, ERRATA could warn & advise. Install& update ASAP. 19:55:32 <krisNL> martin can build new isos with the fixed kerbel 19:55:38 <krisNL> kernel 19:55:58 <lewyssmith> [We guessed]! 19:56:25 <hviaene> And release without any testing here? 19:56:44 <DavidWHodgins> Just reviewing the exploit. Not sure yet if it's remotely exploitable, or only for local users 19:57:14 <lewyssmith> hviaene: Herman, We would have to rush through it. 19:57:46 <lewyssmith> Let us await Dave's conclusion. 19:58:10 <hviaene> That's a doubtfull thing to do 19:58:31 <DavidWHodgins> Ok. Looks like it's only for unprivelged users that already have access to the system, so not remotely exploitable 19:58:50 <lewyssmith> Agree normally; but if it is *just* the kernel updated, not so dicey. If it was loads of pkgs - forget. 19:59:00 <DavidWHodgins> So not worth rebuilding the live iso images just for that. 19:59:10 <krisNL> we can happily go on testing another 6 months , and call it URR, unstable rolling release 19:59:11 <lewyssmith> Hooray! 19:59:26 <lewyssmith> That was to Dave. 19:59:36 <wilcal> Looks like this thing is going to push into eary June for final release 19:59:38 <DavidWHodgins> So the previous vote stands. I'll ask council to go ahead and release the live iso images 20:00:05 <DavidWHodgins> Let's move on to the next topic. :-) 20:00:08 <krisNL> DavidWHodgins: :) 20:00:19 <DavidWHodgins> #topic * Testing updates - Any difficulties, problems, issues? 20:00:53 <DavidWHodgins> The list isn't too bad http://madb.mageia.org/tools/updates 20:00:54 <lewyssmith> We are doing well keeping the list under control (esp Herman & Len). 20:00:55 <[mbot> [ Mageia App Db - Current Update candidates ] 20:01:17 <lewyssmith> But thanks Dave for your npd test. 20:01:31 <DavidWHodgins> Looks like Luigi12 has been busy though, so several new ones yesterday and today 20:02:03 <lewyssmith> 5 security, all unknown to me except Bills's favourite Flash. 20:02:14 <DavidWHodgins> mhonarc is one I don't remember seeing before, so will have to dig into 20:02:36 <wilcal> Todays Flash Player update ( 148 ) didn't work. The one in updates testing is the latest ( 171 ) 20:02:49 <DavidWHodgins> zoneminder, I've tested before. I do have a security camera I can use for testing it, though I don't normally use that camera 20:02:53 <wilcal> Hard to keep up with the typhoon of Flash updates 20:03:07 <lewyssmith> Can anyone recommend a decent site to try Flash - other than YouTube (= Google)? 20:03:34 <wilcal> Google flash games 20:03:47 <lewyssmith> Not Google, please. Anything else. 20:03:52 <DavidWHodgins> Also http://www.adobe.com/software/flash/about 20:03:54 <[mbot> [ Adobe - Flash Player ] 20:04:39 <lewyssmith> If that works (it does), does that suffice? 20:04:44 <DavidWHodgins> Version 171 is working here on x86_64. I'll test it on i586 (under vb) after the meeting 20:04:44 <wilcal> Not admitting anything here but the most sensitive flash performance sites are the live adult video sites 20:04:46 <hviaene> Internet radio's . Athough I m not sure they'll still with flash 20:05:04 <DavidWHodgins> lewyssmith: yes, unless other problems found. Luckily flash is finally starting to die 20:05:18 <wilcal> If you don't have the latest flash they'll crash and fold or not work at all 20:05:26 <hviaene> www.classicalmusicamerica.com 20:05:39 <hviaene> www.classiccomposers.org 20:05:45 <DavidWHodgins> Depends on the site. Some sites will not work unless latest version is being used, some will. 20:06:13 <wilcal> That's all recorded media flash is pressed the most with streaming video which is it's last cornered market 20:06:26 <wilcal> live streaming video 20:06:50 <DavidWHodgins> The other security updates are all packages I don't recall seeing before so will have to dig to figure out how to test them 20:07:14 <tarazed> Voices of Music but that points to Youtube. 20:07:50 <DavidWHodgins> This meeting is taking too long. :-) 20:07:52 <DavidWHodgins> #topic * Anything else? 20:07:54 <wilcal> most of the time YouTube is going to default to HTML5 20:08:03 <lewyssmith> What I thought. 20:08:05 <wilcal> I'm done 20:08:06 <DavidWHodgins> Does anyone have anthing else to discuss? 20:08:17 <hviaene> No, not here 20:08:17 <lewyssmith> Not ow, thank you. 20:08:29 <krisNL> thanks, david 20:08:31 <wilcal> Note. Mozilla is locking out Flash as a plug-in in Jan 2018 20:08:38 <wilcal> that's the plan 20:08:39 <DavidWHodgins> wilcal: Yeah! 20:09:06 <wilcal> Apple locked out flash like it was never allowed 20:09:07 <DavidWHodgins> Flash has always been a security nightmare 20:09:15 <lewyssmith> http://www.adobe.com/software/flash/about is good, it leads to demo content. 20:09:17 <[mbot> [ Adobe - Flash Player ] 20:09:25 <hviaene> G'night all 20:09:32 <lewyssmith> Same here. 20:09:34 <DavidWHodgins> Countdown time 20:09:36 <DavidWHodgins> 5 20:09:36 <wilcal> Again all recorded non-time dependent content 20:09:40 <DavidWHodgins> 4 20:09:42 <wilcal> bye all 20:09:44 <DavidWHodgins> 3 20:09:47 <DavidWHodgins> 2 20:09:49 <DavidWHodgins> 1 20:09:52 <lewyssmith> Goosbyre everyone. Good lively productive meeting. 20:09:56 <DavidWHodgins> Thanks for coming everyone! 20:10:00 <DavidWHodgins> #endmeeting