Bug 2065707
| Summary: | Removal of invalid vendored project with unwanted license in aardvark-dns/netavark | |||
|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 8 | Reporter: | Jindrich Novy <jnovy> | |
| Component: | containers-common | Assignee: | Matthew Heon <mheon> | |
| Status: | CLOSED ERRATA | QA Contact: | Joy Pu <ypu> | |
| Severity: | high | Docs Contact: | ||
| Priority: | unspecified | |||
| Version: | 8.6 | CC: | bbaude, ddarrah, lmiksik, mheon, tsweeney, ypu | |
| Target Milestone: | rc | Keywords: | Triaged | |
| Target Release: | --- | |||
| Hardware: | Unspecified | |||
| OS: | Unspecified | |||
| Whiteboard: | ||||
| Fixed In Version: | containers-common-1-27.el8 | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | ||
| Clone Of: | 2065706 | |||
| : | 2067286 (view as bug list) | Environment: | ||
| Last Closed: | 2022-05-10 13:28:28 UTC | Type: | Bug | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | 2065706 | |||
| Bug Blocks: | 2067286 | |||
|
Comment 3
Tom Sweeney
2022-03-21 20:34:00 UTC
@ddarrah @ypu could we get a qa_ack for this please? ======= Impact Statement ======= What is the benefit of making this change after the deadline? What is the impact on customer satisfaction, and on the business? a. For bugfixes, there must be support from someone in Customer Support, a Partner Manager, Product Manager, and/or a Business Unit rep. (e.g., potentially from a layered product BU). b. It is unusual for new features to be allowed in the release after the deadline. For this reason, additional justification must be obtained from a stakeholder outside of the SST, to ensure an objective review of the benefit to the product. What is the risk to the release schedule, quality, and the impact of diverting resources from other efforts? Will there be enough time to do the necessary large-scale, cross-function, regression, stress, or fault-insertion testing that may be required to verify this change? This issue was discovered in a late PELC review. There's a gnu-license for SSL that's old and that the licensing folks have asked us to remove if at all possible. It is being pulled into the aardvark-dns project via the usage of the Rust libgit2-sys library. There were only a few calls made to this library in aardvark-dns. By removing the library and making a few small tweaks, which was already completed in Upstream a few weeks ago, the problematic license is no longer included in aardvark-dns. The aardvarkk-dns project is a relatively new project that's used to handle DNS functionality within Podman. There is little risk to the change, and it would be only for Podman as no other projects use aardvark-dns. The fix is ready to go, we just need the green light. PR complete. Setting to Post an assigning to Jindrich or further BZ and packaging needs. PR: https://github.com/containers/aardvark-dns/pull/106 And I left off the second PR that is part of this fix: https://github.com/containers/netavark/pull/262 Jindrich, I just want to verify that you saw that I'd missed a PR in my earlier comment before you made containers-common. Yes Tom, noticed the missing netavark PR and it's now applied: aardvark-dns points at: 0a8eabf6f696f4f1ab14e5722578829362304e0b netavark points at: 93af39418a38c9cc901816240c3e7ccb715108c0 Test with containers-common-1-27.module+el8.6.0+14659+d87d5274.src.rpm and the file is already removed. So set this to verified. Details: # ls containers-aardvark-dns-0a8eabf containers-netavark-93af394 # find . -name "openssl_dynamic.h" Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Important: container-tools:rhel8 security, bug fix, and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2022:1762 The needinfo request[s] on this closed bug have been removed as they have been unresolved for 365 days |