Roland: Monotone v0.27 includes a significant security bugfix: passwords grabbed from .monotonerc were written to the log file in 0.26; this has been corrected in 0.27. If it's not a huge mess, possible to update the extras package to 0.27? I'ld volunteer, but I'm getting on a plane at 0400 tomorrow AM, and off the air for several weeks. Marked "high" because of the security issue
For confirmation on the passphrase bug, refer to: http://www.venge.net/monotone/NEWS It's the third bug fix in the "bug fixes" list.
The FC5 build which succeeded is on its way to the repository at the moment, but the FC4 and devel builds seem to have failed: http://buildsys.fedoraproject.org/build-status/job.psp?uid=12485 http://buildsys.fedoraproject.org/build-status/job.psp?uid=12488
The devel build seems to have failed due to some problem in the rawhide gcc. I resubmitted the build and it worked with the newer devel build environment.
Meanwhile, 0.28 is available, containing new features, enhancements, and bugfixes, see http://venge.net/monotone/NEWS.
I've built 0.28 and it should propagate as soon as it gets signed and such.