#mageia-qa log

19:02:05 <DavidWHodgins> #startmeeting
19:02:05 <Inigo_Montoya`> Meeting started Thu Oct 20 19:02:05 2016 UTC.  The chair is DavidWHodgins. Information about MeetBot at http://wiki.debian.org/MeetBot.
19:02:05 <Inigo_Montoya`> Useful Commands: #action #agreed #help #info #idea #link #topic.
19:02:15 <DavidWHodgins> #chair wilcal lewyssmith MrsB
19:02:15 <Inigo_Montoya`> Current chairs: DavidWHodgins MrsB lewyssmith wilcal
19:02:21 <DavidWHodgins> HiYa everyone
19:02:30 <wilcal> wow the gangs really all here
19:02:32 <DavidWHodgins> Welcome to yet another qa team meeting
19:02:36 <DavidWHodgins> #topic * Who's new? - If you are then come and say hello.
19:02:54 <DavidWHodgins> Anyone here who hasn't been to a qa irc team meeting before?
19:03:12 <DavidWHodgins> All of the names in the list look familiar
19:03:31 <DavidWHodgins> #topic * Kernel update 4.4.26 - bug 19577 - Objections to validate?
19:04:10 <DavidWHodgins> I've tested both server and desktop kernel installs under vb and on host, both i586 and x86_64 installs
19:04:17 <tarazed> What was this race condition that tmb? mentioned?
19:05:14 <DavidWHodgins> Except for a new msg during the installs on i586 install on an x86_64 system, noted in comment 9, I didn't see any regressions
19:05:21 <lewyssmith> tjandrews: Hello TJ.
19:05:23 <wilcal> I've put some work in 19577 and I'm happy
19:05:33 <wilcal> It's all in the BUG
19:05:39 <DavidWHodgins> tarazed: See comment 5 in the bug report
19:06:26 <DavidWHodgins> We are not taking the time to search for a POC and test it though. Time is of the essense
19:06:44 <DavidWHodgins> Does anyone have any objection to me validating the update?
19:06:59 <tmb> DavidWHodgins, the message is not new, it's been there some time... it's some bootsplash detection that outputs that, but it does not break anything
19:07:19 <DavidWHodgins> First time I've noticed it
19:07:30 <wilcal> do it
19:08:00 <DavidWHodgins> bug 19577 validated
19:08:09 <brian_> hi all
19:08:20 <tarazed> Morning lad.
19:08:20 <DavidWHodgins> HiYa brian_
19:08:23 <lewyssmith> What about the VBox to go with it?
19:08:41 <DavidWHodgins> lewyssmith: They are separate updates this time
19:08:51 <tmb> lewyssmith, no, we only push kmods for 5.1.2 in this update so we dont delay it
19:08:52 <wilcal> kernel first
19:09:00 <DavidWHodgins> vb will go through it's normal testing
19:09:03 <lewyssmith> But are we going for the older or newest version?
19:09:24 <tmb> lewyssmith, the 5.1.2 that is already in updates
19:09:39 <lewyssmith> OK, thanks.
19:09:59 <DavidWHodgins> The kernel update should be tested with the current updates version of vb, not the updates-testing version, but we won't hold the kernel update if that wasn't the case
19:10:10 <tjandrews> My old trouble with an i586 host resurfaced in one guest. But I don't think the update should be stopped because of it.
19:10:28 <DavidWHodgins> It's already validated. :-)
19:10:36 <DavidWHodgins> #topic * Mageia 5.1 - Still waiting for new isos, soon
19:10:40 <tjandrews> Slow typist.
19:10:44 <DavidWHodgins> ping ennael
19:10:45 <DavidWHodgins> :-)
19:10:47 <tmb> I'll go add the advisory and push the kernel update then and re-upload virtualbox 5.1.8 + new kmods then
19:11:01 <DavidWHodgins> tmb: Thanks. I forgot about the advisory
19:11:41 <lewyssmith> Can I be clear that 5.1 is eligible for re-build with the new kernel & old VB?
19:12:23 <DavidWHodgins> We'll have to ensure ennael includes the new kernel in the new 5.1 iso images.
19:12:43 <DavidWHodgins> So yet another delay will be added to the 5.1 iso images
19:13:08 <DavidWHodgins> Hopefully, they'll be ready for qa testing sometime tomorrow
19:13:27 <wilcal> I have an open weekend
19:13:45 <lewyssmith> We have been held up lately by newer VBs not working.
19:14:43 <tjandrews> Anybody but me having trouble with them? If not, I have to wonder...
19:15:01 <wilcal> When testing Vbox try a client with a usb memory stick plugged in to see if the extensions are working
19:15:28 <lewyssmith> tjandrews: No matter. We incorporate 5.1.2 and play with the latest until it flies.
19:15:28 <wilcal> that's the simplest way to test that
19:17:05 <lewyssmith> Nothing more to say about 5.1 now until we have new ISOs with the new kernel.
19:18:58 <lewyssmith> Move on?
19:19:15 <wilcal> yup
19:19:28 <lewyssmith> What is nect: M6?
19:19:45 <lewyssmith> #topic Mageia 6
19:20:34 <wilcal> I think we are awaiting new isos
19:20:58 <wilcal> My M6 x86_64 on real hw works and updates just fine here
19:21:00 <brian_> yup - I keep one machine up once in awhile in MGA6 XFCE and accepting updates.
19:21:06 <lewyssmith> Some people have been testing the water with netinstalls & Cauldron- based systems. It is they who keep testing going for the moment.
19:21:30 <lewyssmith> Like the previous two.
19:21:31 <wilcal> I've got i586 & x86_64 Vbox clients doing the same
19:21:34 <tjandrews> Concentrating any efforts I can make on updates and 5.1. Ignoring M6 for now.
19:21:44 <lewyssmith> Me too.
19:22:21 <wilcal> Here's a wrinkle I found. If you've got a PLasma install and install Gnome that does not work
19:22:23 <brian_> lol - I'm just using it for some light stuff, like google voice, etc.  fun enough that instance of MGA6 has been <knock on wood> decently stable
19:22:34 <wilcal> I'm gonna look at that again soon
19:22:36 <brian_> I'm not touching plasma
19:22:51 <wilcal> Plasma looks really good right now
19:22:59 <wilcal> far better then when we started
19:23:04 <lewyssmith> If it is your cup of tea...
19:23:22 <wilcal> Gnome only install is also very good
19:23:51 <lewyssmith> wilcal: Bill: did you bug the Plasma+Gnome problem?
19:24:11 <tjandrews> The KDE mantra seems to be, "If it ain't broke, improve it until it is!"
19:24:16 <wilcal> need to do it again to make sure it's really an issue. Will do that this weekend
19:24:36 <lewyssmith> But you will bug it if it is still there?
19:24:41 <wilcal> Ya it's been a very difficult road with Plasma
19:24:45 <wilcal> yes
19:25:06 <rindolf> I had a problem with plasma 5 where there were many artefacts on the screen, but not sure if it still happens.
19:25:15 <rindolf> tjandrews: heh.
19:25:31 <lewyssmith> tjandrews: I liked your last comment! Too true.
19:26:25 <wilcal> You have to do a plasma install to a blank drive
19:26:29 <Bequimao> Is installing multiple desktops in the scope of QA?
19:26:54 <lewyssmith> When M6 returns, it is always worth looking at constant bugbears: RAID, broadcom wifi, nvidia.
19:26:55 <wilcal> yes they should all be happy together
19:27:17 <wilcal> I think Autologin is still a problem
19:27:32 <lewyssmith> Bequimao: It is normal with tha classic ISOs to install several desktops.
19:28:12 <brian_> yeah - I've installed nearly all at once before in MGA5.  it was fun
19:28:25 <lewyssmith> I routinely install them all.
19:28:35 <tjandrews> Yes. It is one of our strengths - and one of our weaknesses.
19:28:49 <lewyssmith> Strengths - Mageia special.
19:28:49 <stratocaster7> Last I checked plasma still was not saving session data or even configuration settings (theme in konsole etc).
19:29:01 <tarazed> I test them one at a time then put them all together.
19:29:16 <lewyssmith> This is super-thorough, Len.
19:29:35 <tarazed> If there is time.
19:29:44 <lewyssmith> Ah. The boss is back!
19:29:56 <DavidWHodgins> Sorry, lost connection for a few minutes
19:30:02 <tjandrews> Quick! Look busy!
19:30:18 <brian_> <slkdfjadf>
19:30:18 <DavidWHodgins> lol
19:30:20 <lewyssmith> I think we are ready to go on to updates.
19:30:46 <DavidWHodgins> #topic * Testing updates - Any difficulties, problems, issues?
19:31:14 <DavidWHodgins> I heven't had the energy to keep up, so haven't looked at them in several days
19:31:46 <wilcal> Anyone else wanna look at:
19:31:48 <wilcal> https://bugs.mageia.org/show_bug.cgi?id=19615
19:31:53 <wilcal> php
19:32:42 <wilcal> I'm gonna validate it tomorrow if no one else finds something
19:32:42 <DavidWHodgins> Based on comment 5, it looks ready to validate
19:33:13 <Luigi12> yep, just missing an advisory (waiting for one CVE)
19:33:24 <DavidWHodgins> It's pretty straight forward to test, as there are rarely any POCs available
19:33:34 <DavidWHodgins> Luigi12: Ok
19:33:43 <wilcal> It's multifacited app
19:34:08 <wilcal> you can test it 1000 different ways
19:34:12 <DavidWHodgins> It's like a compiler. We can only test the basic functions, not all possible cases
19:34:35 <lewyssmith> I can do some extra x64 testing for confirmation if it would help. Tomorrow evening. We can validate it withoout the advisory, to get it off the main list.
19:34:37 <wilcal> it's a minor security update
19:34:53 <DavidWHodgins> What we're looking for with an update like that, is that the update installs cleanly, and basic functions still work
19:35:46 <lewyssmith> https://bugs.mageia.org/show_bug.cgi?id=19479
19:36:11 <lewyssmith> Dave: are you able to test 32-bit on thi? You know how to drive it.
19:36:38 <lewyssmith> Bug 19479.
19:37:34 <wilcal> what are we gonna do with openjpeg2?
19:37:36 <DavidWHodgins> Ah. Looking at bug 7081. I vaguely remember testing that. Will test it after the meeting
19:38:07 <brian_> I'm testing the php 5.6.27 on 32bit
19:38:28 <lewyssmith> https://bugs.mageia.org/show_bug.cgi?id=19497 Openjpeg
19:38:34 <wilcal> ya
19:38:48 <tarazed> wilcal: In a mind to push it on and take ASAN elsewhere, like dev list.
19:38:53 <lewyssmith> I got stuck by not finding all the rpms to update in Update Testing.
19:39:15 <DavidWHodgins> lewyssmith: Which mirror are you using?
19:39:40 <lewyssmith> Normally coffee whatever.
19:39:58 <DavidWHodgins> I forget, where are you located
19:40:08 <lewyssmith> France. I will re-try the update now.
19:40:35 <lewyssmith> Cannot: using LMDE sorry.
19:40:36 <wilcal> coffee should be best for you
19:40:55 <wilcal> mirrors.kernel.org is best here in the States
19:41:03 <lewyssmith> Look at my last comment, end.
19:41:05 <DavidWHodgins> Or princeton now
19:42:25 <lewyssmith> Then I shall have a go at the aged https://bugs.mageia.org/show_bug.cgi?id=17536. Len needs a break before he goes mad.
19:42:33 <DavidWHodgins> :-)
19:43:05 <tjandrews> About vbox... I'm wondering about the pre-built server kernel i586 kmods and my particular machine. What would happen if I were just to remove them? Would dkms take care of it locally?
19:43:21 <DavidWHodgins> Luigi12: Can you add a new advisory of openjpeg2? It's hard to figure out what to include from the current bug report
19:43:46 <lewyssmith> I was going to start that by amassing all the CVEs.
19:43:46 <Luigi12> DavidWHodgins: that's the hold-up, the ASAN test was needed to determine if two particular CVEs were fixed
19:43:58 <DavidWHodgins> Ah. Got it
19:44:01 <Luigi12> one is probably a duplicate of one that's definitely fixed, but the other is a complete unknown
19:44:16 <Luigi12> I'm frustrated with how difficult it has been to try to get ASAN working (as is Len, I'm sure)
19:44:26 <Luigi12> I also wish *someone* in our packager pool could help
19:44:32 <lewyssmith> In which case we just believe it, & make sure it works otherwise. ASAN is not our business.
19:44:36 <tarazed> Luigi12: definitely
19:44:36 <DavidWHodgins> tjandrews: Installing the new version of vb should automatically take care of the kmods
19:45:01 <Luigi12> so I'll probably just have to make an advisory and leave off the two CVEs, we know the update works at least
19:45:21 <DavidWHodgins> Ok. Once that's done, we can go ahead and validate it finally.
19:45:22 <tjandrews> Well, I was just wondering if somehow the pre-built ones aren't working for me.
19:45:27 <tarazed> lewis: ASAN is becoming widespread and would certainly help with testing.
19:45:30 <Luigi12> tjandrews: yeah you can get rid of all the kmod packages and use dkms-virtualbox (host) or dkms-vboxadditions (guest) instead
19:45:48 <tjandrews> Sorry, that question was supposed to wait...
19:46:22 <DavidWHodgins> Ah. Forgot about the dkms ones, so mis-understood the question.
19:46:25 <lewyssmith> openjpeg2: I will re-test it.
19:46:28 <Luigi12> lewyssmith: we do try to confirm CVEs are fixed if possible/feasible.  I was hoping this wouldn't have been so difficult.  Normally I haven't asked QA testers to use ASAN (I believe MrsB has used it though) and just trust that the patches fix what they purport to fix.
19:46:57 <Luigi12> The difference with openjpeg2 was we updated to a new version, but nothing (even RedHat's bugzilla) says whether or not those two CVEs were supposed to be fixed in the new version.
19:47:14 <lewyssmith> We cannot get bogged down in compiling things. We have enough on our plate.
19:47:32 <DavidWHodgins> Yeah. When testing is beyond what we can do, based on our knowledge or available resources, we just have to ensure the update installs cleanly
19:47:34 <Luigi12> like I said, this was a special case
19:47:47 <Luigi12> but yeah we tried and couldn't figure it out, so we'll have to move on
19:48:06 <tarazed> Yes, and local builds are not all that difficult.
19:48:20 <DavidWHodgins> Any other updates that look scary?
19:48:26 <Luigi12> and thanks to tarazed for documenting that process for apprentice packagers and anyone else interested :o)
19:48:39 <wilcal> lots of ok's in there
19:49:12 <DavidWHodgins> Yeah. I'll sit down for a few hours after the meeting, and get the advisories into svn, and then validate them
19:49:13 <tarazed> You did the work Luigi12
19:49:16 <Luigi12> php-adodb looks to be the only questionable one
19:49:26 <lewyssmith> Luigi12: tarazed: Where?
19:49:28 <Luigi12> tarazed: true :o) but you actually put it all together
19:50:02 <Luigi12> ahh, looks like php-adodb is used by cacti and moodle, which we've tested before
19:50:38 <lewyssmith> Know them both!
19:51:50 <lewyssmith> DavidWHodgins: "get the advisories into svn, and then validate them": are you talking of single OKs?
19:51:56 <DavidWHodgins> Yeah. For an update like that, check "urpmq --whatrequires phpp-adodb", and if that works before and after installing the update, ok it
19:52:40 <DavidWHodgins> Yes. We are still validating after single OKs, except for kernel, vb, qemu, and other hardware dependant updates
19:53:02 <DavidWHodgins> Things like xen and llvm too.
19:53:52 <lewyssmith> Yet we have been quite diligent about double OKs despite the flood. No objection, though, to 1.
19:55:00 <DavidWHodgins> Double oks are obviously better, but we won't hold an with just one. The biggest holdup right now, is me getting the advisories into svn
19:55:23 <lewyssmith> Or me. Let's have 'the roundup'.
19:55:43 <DavidWHodgins> #topic * Luigi's roundup - Security news & expected updates
19:55:54 <DavidWHodgins> How scary is the list this week:
19:56:01 <DavidWHodgins> s /:/?/
19:56:08 <Luigi12> good question
19:56:18 <tjandrews> Not sure I want to know...
19:56:27 <Luigi12> haha
19:56:39 <Luigi12> newest bug I've filed is for java-1.8.0-openjdk, so that's committed in SVN and will hopefully be pushed soon
19:56:52 <Luigi12> I need a freeze push in Cauldron first
19:57:36 <Luigi12> the fuzz testers of the world have turned their attention to the japser library, which has a new upstream and is finally being actively maintained for the first time in years, so we should have an update for that once that settles down a bit
19:57:55 <Luigi12> they also found a bunch of issues in potrace and some more in mupdf
19:58:08 <Luigi12> we have a libgd update pending
19:58:18 <DavidWHodgins> Too bad more developers don't use fuzz testing, before releasing software
19:58:35 <Luigi12> a bug was filed for the derby package last Friday, hopefully neoclust will address that soon
19:58:54 <Luigi12> DavidWHodgins: yeah, I imagine that should become a more common practice as we move forward over the next few years
19:59:52 <tjandrews> In my business, the only place for fuzz is on peaches.
20:00:07 <DavidWHodgins> #info Updates expected for  java-1.8.0-openjdk, jasper soon, potrace, mupdf, libgd and derby
20:00:24 <Luigi12> finally, Google has updated Chrome to 54
20:01:03 <tmb> and virtualbox-5.1.8 is currently (re)building
20:01:04 <Luigi12> the google-chrome-stable package on Linux has dropped the bundled Pepper Flash, which is an inconvenience to those who were relying on that for Flash (even for Firefox in conjunction with freshplayerplugin), so that's a real pain
20:01:13 <DavidWHodgins> Ouch. derby is required only by bookkeepr-java or springframwork-jdbc. What a pain to test
20:01:21 <Luigi12> obviously we also have to update chromium-browser-stable
20:01:32 <Luigi12> DavidWHodgins: well we can just verify that it installs fine
20:01:49 <Luigi12> and yes, as tmb said, VirtualBox 5.1.8 is on the way.  It fixes several security issues too.
20:01:59 <DavidWHodgins> Yeah. I think that will have to do for that one. It's not like a lot of people are likely to be using it.
20:02:05 <Luigi12> reminder of our new tool for security bugs http://madb.mageia.org/tools/security
20:02:11 <Luigi12> DavidWHodgins: indeed
20:03:02 <DavidWHodgins> I guess they decided, that since adobe finally updated flash for linux, they didn't need the pepper flash anymore
20:03:14 <Luigi12> well Adobe hasn't update it yet, but they are going to
20:03:24 <Luigi12> but they do make the Pepper variety available as a separate download now
20:03:38 <Luigi12> but not in RPM form
20:03:42 <lewyssmith> Interesting that it took Google to move Adobe.
20:03:43 * DavidWHodgins confused!
20:04:02 <Luigi12> NPAPI Flash with the new version is only in beta currently
20:04:07 <DavidWHodgins> I hate flash. Always have. :-)
20:04:12 <Luigi12> yes, everyone should
20:04:21 <DavidWHodgins> Security nightmare from day 1
20:04:26 <lewyssmith> It should be banned.
20:04:44 <Luigi12> so we really need someone to update our flash-player-plugin to use Pepper Flash, otherwise our users who use that will not have a way to easily keep it up to date anymore
20:04:53 <Luigi12> as if it couldn't get any worse, it has
20:05:09 <Luigi12> yeah, I wish Google would just drop Flash from all platforms and say "no more!"
20:05:15 <DavidWHodgins> #info New tool available http://madb.mageia.org/tools/security
20:06:26 <DavidWHodgins> #info update coming for chromium-browser-stable too
20:06:39 <DavidWHodgins> Thanks Luigi12
20:06:57 <tjandrews> It would take something like that to get my local TV station to quit using Flash.
20:07:09 <DavidWHodgins> #topic * Anything else?
20:07:21 <lewyssmith> Not from me.
20:07:26 <DavidWHodgins> Nothing else from me
20:07:28 <wilcal> not from me
20:07:46 <rindolf> not from me either.
20:07:57 <tarazed> nor me
20:08:00 <DavidWHodgins> tmb: Thanks for getting the advisory for the kernel update loaded to svn, and the update pushed so quickly.
20:08:15 <DavidWHodgins> Countdown time
20:08:17 <DavidWHodgins> 5
20:08:20 <lewyssmith> So I shall say 'Goodbye' and leave you. Thanks to those who attended. And to tmb & David & Dave.
20:08:21 <DavidWHodgins> 4
20:08:22 <Luigi12> I had already booted the update from testing on my laptop, but I still need to reboot this workstation
20:08:23 <wilcal> yup bye all
20:08:30 <DavidWHodgins> 3
20:08:33 <Luigi12> so yeah, that was fast
20:08:34 <rindolf> bye all.
20:08:35 <Luigi12> peace out
20:08:38 <DavidWHodgins> 2
20:08:41 <DavidWHodgins> 1
20:08:49 <DavidWHodgins> Thanks for attending everyone!
20:08:52 <tarazed> Ciao
20:08:55 <DavidWHodgins> #endmeeting