[blog] 01/01: ENH: 137: add my bugs filed and archlinux imap
Santiago Torres-Arias
sangy-guest at moszumanska.debian.org
Tue Dec 5 00:35:10 UTC 2017
This is an automated email from the git hooks/post-receive script.
sangy-guest pushed a commit to branch master
in repository blog.
commit 78835b02daf8668a499dfea307a7204cc6d3ebf3
Author: Santiago Torres <torresariass at gmail.com>
Date: Mon Dec 4 19:34:58 2017 -0500
ENH: 137: add my bugs filed and archlinux imap
---
drafts/137.mdwn | 25 +++++++++++++++++++++----
1 file changed, 21 insertions(+), 4 deletions(-)
diff --git a/drafts/137.mdwn b/drafts/137.mdwn
index fb2eb6a..06b2da4 100644
--- a/drafts/137.mdwn
+++ b/drafts/137.mdwn
@@ -1,12 +1,29 @@
+logo discussion https://lists.reproducible-builds.org/pipermail/rb-general/2017-December/000741.html
+
+Packages reviewed and fixed, and bugs filed
+-------------------------------------------
+
+* Bernhard M. Wiedemann:
+ * [openSUSE/neovim](https://build.opensuse.org/request/show/547886) hostname,username
+
+* Santiago Torres-Arias:
+ * [Make gnu-apl reproducible](https://savannah.gnu.org/bugs/index.php?52586)
+ * fbnews: sorry, there is no public record of the bug. you can see the patch [here](https://ptpb.pw/CfGQ/diff) though
+
lede/openwrt package feeds
lynxis did:
https://github.com/openwrt/packages/pull/5216
https://github.com/openwrt/packages/pull/5217
https://github.com/openwrt/packages/pull/5218
+Arch Linux imap key leakage
+---------------------------
-* Bernhard M. Wiedemann:
- * [openSUSE/neovim](https://build.opensuse.org/request/show/547886) hostname,username
+A [security issue](https://bugs.archlinux.org/task/56484) was found on the imap
+package for Arch Linux thanks to the reproducible builds efforts. Due to a
+hardcoded key-generation routine in the build() step of imap's PKGBUILD (the
+standard packaging file for Arch Linux pakcages), a default secret key was
+generated and leaked on all imap installations.
-
-logo discussion https://lists.reproducible-builds.org/pipermail/rb-general/2017-December/000741.html
+This was prompty reviewed, confirmed and fixed by the Arch Linux package
+maintainers.
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/reproducible/blog.git
More information about the Reproducible-commits
mailing list