Bug 198652 - Please pull v0.27
Summary: Please pull v0.27
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: monotone   
(Show other bugs)
Version: 5
Hardware: All
OS: Linux
medium
high
Target Milestone: ---
Assignee: Roland McGrath
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2006-07-12 15:03 UTC by Jonathan S. Shapiro
Modified: 2007-11-30 22:11 UTC (History)
2 users (show)

Fixed In Version: 0.28-2.fc5
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-08-03 23:11:08 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Jonathan S. Shapiro 2006-07-12 15:03:10 UTC
Roland:

Monotone v0.27 includes a significant security bugfix: passwords grabbed from
.monotonerc were written to the log file in 0.26; this has been corrected in 0.27.

If it's not a huge mess, possible to update the extras package to 0.27? I'ld
volunteer, but I'm getting on a plane at 0400 tomorrow AM, and off the air for
several weeks.

Marked "high" because of the security issue

Comment 1 Jonathan S. Shapiro 2006-07-12 15:04:06 UTC
For confirmation on the passphrase bug, refer to:

    http://www.venge.net/monotone/NEWS

It's the third bug fix in the "bug fixes" list.

Comment 2 Ville Skyttä 2006-07-12 18:44:43 UTC
The FC5 build which succeeded is on its way to the repository at the moment, but
the FC4 and devel builds seem to have failed:

http://buildsys.fedoraproject.org/build-status/job.psp?uid=12485
http://buildsys.fedoraproject.org/build-status/job.psp?uid=12488

Comment 3 Roland McGrath 2006-07-24 21:53:51 UTC
The devel build seems to have failed due to some problem in the rawhide gcc.
I resubmitted the build and it worked with the newer devel build environment.


Comment 4 Thomas Moschny 2006-08-03 11:04:33 UTC
Meanwhile, 0.28 is available, containing new features, enhancements, and 
bugfixes, see http://venge.net/monotone/NEWS.

Comment 5 Roland McGrath 2006-08-03 23:11:08 UTC
I've built 0.28 and it should propagate as soon as it gets signed and such.


Note You need to log in before you can comment on or make changes to this bug.