Red Hat Bugzilla – Bug 198652
Please pull v0.27
Last modified: 2007-11-30 17:11:37 EST
Monotone v0.27 includes a significant security bugfix: passwords grabbed from
.monotonerc were written to the log file in 0.26; this has been corrected in 0.27.
If it's not a huge mess, possible to update the extras package to 0.27? I'ld
volunteer, but I'm getting on a plane at 0400 tomorrow AM, and off the air for
Marked "high" because of the security issue
For confirmation on the passphrase bug, refer to:
It's the third bug fix in the "bug fixes" list.
The FC5 build which succeeded is on its way to the repository at the moment, but
the FC4 and devel builds seem to have failed:
The devel build seems to have failed due to some problem in the rawhide gcc.
I resubmitted the build and it worked with the newer devel build environment.
Meanwhile, 0.28 is available, containing new features, enhancements, and
bugfixes, see http://venge.net/monotone/NEWS.
I've built 0.28 and it should propagate as soon as it gets signed and such.