release same package as in 4.1
Michal, I see OpenStack is shipping novnc-0.6.1 instead of novnc-0.5.1. 0.6.1 is availablein EPEL https://koji.fedoraproject.org/koji/buildinfo?buildID=786270 Do we need it in oVirt / RHV?
(In reply to Sandro Bonazzola from comment #3) > Michal, I see OpenStack is shipping novnc-0.6.1 instead of novnc-0.5.1. > 0.6.1 is availablein EPEL > https://koji.fedoraproject.org/koji/buildinfo?buildID=786270 > Do we need it in oVirt / RHV? I believe we should - it supposed to offer some performance improvements and better display resizing. However, looks like we better use 0.6.2, which has a security fix (see https://github.com/novnc/noVNC/releases )
(In reply to Yaniv Kaul from comment #4) > (In reply to Sandro Bonazzola from comment #3) > > Michal, I see OpenStack is shipping novnc-0.6.1 instead of novnc-0.5.1. > > 0.6.1 is availablein EPEL > > https://koji.fedoraproject.org/koji/buildinfo?buildID=786270 > > Do we need it in oVirt / RHV? > > I believe we should - it supposed to offer some performance improvements and > better display resizing. However, looks like we better use 0.6.2, which has > a security fix (see https://github.com/novnc/noVNC/releases ) Moving this back to assigned then, thanks
that is not relevant, we do not use that part. Compatibility with our oVirt integration is not guaranteed, everytime in the past there was a breakage, so we need to check it first anyway. Then we see if we upgrade or not
for now, this is what we go out with opened a separate bug 1502652 for update and let's see where it lands
Sandro, lrotenbe noticed that 0.6.2 has been added yesterday into http://cbs.centos.org/repos/virt7-ovirt-42-testing/$basearch/os/ Do you know why? Can it be removed? It does break the functionality of the current 4.2 testing
(In reply to Michal Skrivanek from comment #8) > Sandro, lrotenbe noticed that 0.6.2 has been added yesterday into > http://cbs.centos.org/repos/virt7-ovirt-42-testing/$basearch/os/ > Do you know why? Can it be removed? > It does break the functionality of the current 4.2 testing 0.6.2 has security fixes so it has been built to address the security issue. Please adapt oVirt to match newer version since we can't keep relying on a version with security issues. See above comments for rationale.
Which security issue? Is it relevant to RHV? It didn't seem to me so. Once it is relevant the upgrade is going to be treated urgently, otherwise it's just a regular priority tracked in bug 1502652
Verified: novnc-0.5.1-2.el7.noarch : VNC client using HTML5 (Web Sockets, Canvas) with encryption support Repo : rhel-7-server-rhv-4-tools-beta-rpms
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2018:1514
BZ<2>Jira Resync