Bug 1751976

Summary: Non-responsive maintainer check for vakwetu​
Product: [Fedora] Fedora Reporter: Miro Hrončok <mhroncok>
Component: resteasyAssignee: Ade Lee <alee>
Status: CLOSED CURRENTRELEASE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: medium    
Version: rawhideCC: alee, ascheel, dingyichen, dmoluguw, edewata, java-sig-commits, puntogil, weli
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-10-21 19:01:18 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1372118, 1372122, 1372125, 1372130, 1404912, 1456313, 1471273, 1471275, 1471277, 1471279, 1480769, 1481780, 1539175, 1590941, 1736585    
Bug Blocks:    

Description Miro Hrončok 2019-09-13 10:46:53 UTC 
This bug is part of the non-responsive maintainer procedure for vakwetu​, following https://docs.fedoraproject.org/en-US/fesco/Policy_for_nonresponsive_package_maintainers/.

Please respond if you are still active in Fedora and want to maintain resteasy.
Comment 1 Dinesh Prasanth 2019-09-13 18:12:41 UTC 
As a member of the Dogtag team, I'm responding on behalf of @vakwetu. We will be taking over this package and will be responsible to fix the CVEs. Please do not retire resteasy.
Comment 2 Miro Hrončok 2019-09-13 20:21:16 UTC 
Nobody's retiring anything.

What is your time frame? Some of the security bugs are 3 years old. Could you please assing the package to somebody who will be actually working on it?
Comment 3 Miro Hrončok 2019-09-13 20:22:03 UTC 
> Could you please assing the package to somebody who will be actually working on it?

Taking that back, I see now that the package is assigned to you.
Comment 4 Alex Scheel 2019-09-16 19:27:56 UTC 
Miro,


I'll be updating resteasy next month in F29-rawhide. I'm not sure what version we'll rebase to, we'll have to see what Dogtag works with. We can go at least to 3.0.26, which to my knowledge fixes all CVEs that I'm aware of.

Should I take the assignee of this bug too, or just the FTBFS+CVE bugs?
Comment 5 Miro Hrončok 2019-09-16 20:16:22 UTC 
Whatever works for you the best.
Comment 6 Dinesh Prasanth 2019-10-21 19:01:03 UTC 
Greetings everyone!

we have rebased resteasy to 3.0.26.

We have placed the updates on bodhi too. 

F30: https://bodhi.fedoraproject.org/updates/FEDORA-2019-6cb9165980
F31: https://bodhi.fedoraproject.org/updates/FEDORA-2019-636c9ead78
F32/rawhide: https://bodhi.fedoraproject.org/updates/FEDORA-2019-9cf340d96e

So, closing this bug as CURRENTRELEASE. Feel free to modify the fields if necessary :)