Fedora-legacy open bugs; following them &c

David Eisenstein deisenst at gtw.net
Sat Oct 21 09:29:15 UTC 2006 

Hi Eric and all,

Just as a point of information, if you all are interested in following already-
existing Fedora Legacy bugs in Bugzilla, it is pretty easy if you have a
Bugzilla account.

All you need to do is, once logged in to Bugzilla, click the grey "Account" tab
at the top of the page to get to your Bugzilla user preferences.  Once there,
click on the "Email" tab.  That should put you on web-page
<https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email>.

There is a form entry on this page, "Users to watch."  If you enter
"bugs at fedoralegacy.org" in that form, then suddenly you will be able to watch
(that is get emails about) all bug activity happening on Fedora Legacy-related
bugs, without having to be added to the bugs at fedoralegacy.org email alias by
Jesse.

Here are some bugs that have lately received at least some attention (that I am
aware of):

   * Bug 209116 <http://tinyurl.com/yz6n2e>, openssl.  A FC4 source package,
     openssl-0.9.7f-7.11.legacy, has been proposed for source-level 'PUBLISH'
     QA (are we still doing this?), and there are binary packages out there
     one can also look at and play with if one wants to.  The openssl097a
     compatibility package still needs to be worked on for FC4.  For FC3
     (which maybe we can create a new Bug item for?), both its native openssl
     and its compatibility openssl096b packages need work.  I have been hoping
     to get work done on these myself, but I am slow.
        Note that Red Hat employee Florian La Roche was kind enough to add
     some suggestions to make our work easier on this bug.

   * Bug 209167 <http://tinyurl.com/yk284t>, seamonkey.  Seamonkey is the
     best we can do to fix Mozilla, because the Mozilla foundation has stopped
     supporting the Mozilla suite (web browser, email & irc client) as of
     Mozilla-1.7.13.  However, Seamonkey has up until now been produced by
     Fedora Extras, and Kai Engert has been its maintainer.  Michal Jaegermann
     was kind enough to share information with us about his seamonkey replace-
     ment packages, and older versions for Red Hat/FC1/FC2 we can probably get
     from RHEL sources.
        So this bug is partly to work with Kai in getting the ball rolling and
     negotiating a (necessary, in my opinion) port of seamonkey from being an
     Extras package into becoming a Mozilla-replacement Core (Legacy) package,
     upon which other software (like epiphany and yelp) depend.  That way we fix
     *all* Mozilla-related security bugs.

   * Other bugs needing some attention:
      - mailman (bugs 209891 for FC4, 211676 for FC3, I guess ....).  There is
        also a much older mailman bug report (bug #193843) that perhaps we can
        still get work done on for RHL 7.3, RHL 9, FC1 & FC2.
      - openssh (bug 208727).  Originally opened to deal with FC3, FC4, RHL 7.3
        & RHL 9 releases.
      - kernel (Bug 200034).  Many patches were added for FC3 when this bug
        was being worked originally, but time has elapsed and this bug has
        grown stale.   We now need packages for fc4 as well as fc3, since no
        doubt there are new kernel vulnerabilities since Legacy was given fc4.
        This bug was also opened to help RHL 7.3, RHL 9, FC1 & FC2 distros.

By the way, Pekka Savola (bless his heart!) still maintains his Fedora Legacy
bug-list, here:
	<http://www.netcore.fi/pekkas/buglist.html>.

There are also, no doubt, scores packages with security bugs that have never
been filed in Bugzilla for FC3 and FC4.  Like for firefox/thunderbird/httpd/
kdelibs/php/etc. etc.

Hope this helped.
			Regards,
			David Eisenstein

More information about the fedora-legacy-list mailing list