https://fedoraproject.org/w/api.php?action=feedcontributions&user=Thoger&feedformat=atomFedora Project Wiki - User contributions [en]2024-03-29T11:15:44ZUser contributionsMediaWiki 1.39.4https://fedoraproject.org/w/index.php?title=Security_Response_Team&diff=311388Security Response Team2012-11-15T10:30:11Z<p>Thoger: Remove outdated information, better document current status</p>
<hr />
<div>= Overview =<br />
<br />
Fedora uses identical processes for delivering security and non-security package fixes. Unlike many other distributions that have security updates built only by members of their security teams, Fedora security updates are prepared by package maintainers. Fedora Security Response Team aims to ensure that all known security flaws affecting components included in Fedora are reported to respective maintainers.<br />
<br />
= Members =<br />
<br />
Monitoring and reporting of the issues is currently handled by members of the [https://access.redhat.com/security/team/ Red Hat Security Response Team].<br />
<br />
= Goals =<br />
<br />
* Monitor various security information sources for potential security problems (old and new ones)<br />
* When an issue is discovered: file appropriate bugs, alerting the maintainer of the need to patch their package.<br />
* Encourage and foster public discussion of various security issues and procedures via the fedora-security mailing list.<br />
<br />
= Contacting =<br />
<br />
Email is the best way to contact the Fedora Security Response Team. Public requests should be sent via [mailto:security@SPAMFREE.lists.fedoraproject.org security@SPAMFREE.lists.fedoraproject.org]. Private requests may be sent to [mailto:security@SPAMFREE.fedoraproject.org security@SPAMFREE.fedoraproject.org].<br />
<br />
= Participation =<br />
<br />
Individuals with interest in the Security Response Team, or the Fedora security process should subscribe to the [https://admin.fedoraproject.org/mailman/listinfo/security fedora security list]. The goal of this list is to provide a public venue for the discussion of security issues and policies regarding the various Fedora projects. Various members of the team can also be found in the #fedora-security channel on Freenode.<br />
<br />
[[Category:Security]]</div>Thogerhttps://fedoraproject.org/w/index.php?title=Security_of_Embedded_Software&diff=209458Security of Embedded Software2010-11-29T09:12:19Z<p>Thoger: /* gd */</p>
<hr />
<div>= Embedded Software =<br />
<br />
This page needs more work, but this is a preliminary list of packages that contain embedded software. Ideally, every effort should be made to have as much of this as possible use system libraries.<br />
<br />
== expat ==<br />
<br />
* 4Suite<br />
** RHEL4-only<br />
* cadaver<br />
** cadaver in RHEL4/5 require libexpat.so.1, but not in Fedora; has embedded expat<br />
* EMBOSS<br />
* firefox<br />
* HelixPlayer<br />
** RHEL4-only<br />
* libtlen<br />
* netcdf<br />
* nx<br />
* poco<br />
* python<br />
** needs double-checking<br />
* PyXML<br />
* seamonkey<br />
* SimGear<br />
* sitecopy<br />
* smart<br />
* spicebird<br />
* sunbird<br />
* texlive<br />
* thunderbird<br />
* tla<br />
* udunits<br />
* vnc<br />
** RHEL4-only<br />
* whatsup<br />
* wxPython<br />
* xmlrpc-c<br />
* xulrunner<br />
<br />
<br />
Other variants:<br />
* compat-expat1<br />
* mingw32-expat<br />
<br />
== gd ==<br />
* php<br />
* plt-scheme<br />
<br />
== lib3ds ==<br />
* mingw32-OpenSceneGraph<br />
* mrpt<br />
* OpenSceneGraph<br />
<br />
<br />
== libpng ==<br />
* plt-scheme<br />
<br />
<br />
== mimetex ==<br />
* kadu<br />
<br />
<br />
== Smarty ==<br />
* pgpoolAdmin<br />
* ser<br />
<br />
<br />
== zlib ==<br />
* plt-scheme<br />
<br />
<br />
Here's a list from Debian: http://svn.debian.org/wsvn/secure-testing/data/embedded-code-copies?op=file<br />
<br />
[[Category:Security]]</div>Thogerhttps://fedoraproject.org/w/index.php?title=Security_of_Embedded_Software&diff=209457Security of Embedded Software2010-11-29T09:08:32Z<p>Thoger: fix indent, compat- and mingw32- should probably be listed separately, as these are not really embedded copies</p>
<hr />
<div>= Embedded Software =<br />
<br />
This page needs more work, but this is a preliminary list of packages that contain embedded software. Ideally, every effort should be made to have as much of this as possible use system libraries.<br />
<br />
== expat ==<br />
<br />
* 4Suite<br />
** RHEL4-only<br />
* cadaver<br />
** cadaver in RHEL4/5 require libexpat.so.1, but not in Fedora; has embedded expat<br />
* EMBOSS<br />
* firefox<br />
* HelixPlayer<br />
** RHEL4-only<br />
* libtlen<br />
* netcdf<br />
* nx<br />
* poco<br />
* python<br />
** needs double-checking<br />
* PyXML<br />
* seamonkey<br />
* SimGear<br />
* sitecopy<br />
* smart<br />
* spicebird<br />
* sunbird<br />
* texlive<br />
* thunderbird<br />
* tla<br />
* udunits<br />
* vnc<br />
** RHEL4-only<br />
* whatsup<br />
* wxPython<br />
* xmlrpc-c<br />
* xulrunner<br />
<br />
<br />
Other variants:<br />
* compat-expat1<br />
* mingw32-expat<br />
<br />
== gd ==<br />
* plt-scheme<br />
<br />
<br />
== lib3ds ==<br />
* mingw32-OpenSceneGraph<br />
* mrpt<br />
* OpenSceneGraph<br />
<br />
<br />
== libpng ==<br />
* plt-scheme<br />
<br />
<br />
== mimetex ==<br />
* kadu<br />
<br />
<br />
== Smarty ==<br />
* pgpoolAdmin<br />
* ser<br />
<br />
<br />
== zlib ==<br />
* plt-scheme<br />
<br />
<br />
Here's a list from Debian: http://svn.debian.org/wsvn/secure-testing/data/embedded-code-copies?op=file<br />
<br />
[[Category:Security]]</div>Thogerhttps://fedoraproject.org/w/index.php?title=Archive:FUDCon:Berlin_2009_attendees&diff=101162Archive:FUDCon:Berlin 2009 attendees2009-05-12T07:04:07Z<p>Thoger: add myself</p>
<hr />
<div>This is the registration page for [[FUDConBerlin2009]].<br />
<br />
'''Please add your name to the list if you will attend.''' Also, please indicate the following:<br />
* Put an '''X''' in the ''$$$'' column if you need funding to attend. We'll use these answers to help figure out budgeting for the event.<br />
* Put your T-shirt size in the ''Size'' column, so we can have an idea about what sizes to have available.<br />
* We request your email address in case we need to send announcements about FUDCon in channels other than fedora-announce-list and Planet Fedora.<br />
<br />
{{Admon/note | Budget is tight! | ''We typically cannot fund everyone who wants to attend.'' We will make every effort to have FUDCon be as affordable as possible. [[FUDCon:Berlin_2009_lodging|Hotel information is now available]].}}<br />
<br />
{|class="wikimedia sortable" style="t1" rowclass="th"<br />
! Number !! Name !! Funding? !! Size !! Email address (if not on your wiki page) !! Notes<br />
|-<br />
| 001 || [[MaxSpevack]] || || L || ||<br />
|-<br />
| 002 || [[FabianAffolter]] || || XL || ||<br />
|-<br />
| 003 || [[RadekVokal]] || X || L || ||<br />
|-<br />
| 004 || [[User:Red|Sandro Mathys]] || || M || ||<br />
|-<br />
| 005 || [[GeroldKassube]] || X || XXL || ||<br />
|-<br />
| 006 || [[User:Pfrields|Paul W. Frields]] || || XXL || ||<br />
|-<br />
| 007 || [[User:Robert|Robert Scheck]] || X || XXL || ||<br />
|-<br />
| 008 || [[User:Mmahut|Marek Mahut]] || X || XL || ||<br />
|-<br />
| 009 || [[LennartPoettering]] || || L || || I live in Berlin<br />
|-<br />
| 010 || [[User:Glezos|Dimitris Glezos]] || X || M || || Staying at a friend.<br />
|-<br />
| 011 || [[User:Cwickert|Christoph Wickert]] || X || L || ||<br />
|-<br />
| 012 || [[ChristianGrams]] || || XXL || || Staying with family<br />
|-<br />
| 013 || [[User:Kanarip|Jeroen van Meeuwen]] || || XL || || Good to be #13! Awesome!<br />
|-<br />
| 014 || [[User:biertie|Bert Desmet]] || Helpful for lodging || XL || || <br />
|-<br />
| 015 || [[User:spot|Tom Callaway]] || X || XXL || || Max said he'd pay for me to be there. :)<br />
|-<br />
| 016 || [[User:ynemoy |Yaakov Nemoy]] || Helpful || M || || Moar Cowbell!<br />
|-<br />
| 017 || [[User:ixs | Andreas Thienemann]] || || XXL || || Yeah, sweet sixteen.<br />
|-<br />
| 018 || [[User:baard | Stefan Hartsuiker]] || || XXL || ||<br />
|-<br />
| 019 || [[User:olea | Ismael Olea]] || Helpful || XXL || ||<br />
|-<br />
| 020 || [[User:thl | Thorsten Leemhuis]] || Helpful for lodging || M || || No ticket needed for LinuxTag <br />
|-<br />
| 021 || [[FrancescoCrippa]] || || XL || ||<br />
|-<br />
| 022 || [[User:Bokal]] || X || M || || I live in Bremen<br />
|-<br />
| 023 || [[User:Lkundrak|Lubomir Rintel]] || X || XXL || ||<br />
|-<br />
| 024 || [[User:Lfoppiano|Luca Foppiano]] || X || M || ||<br />
|-<br />
| 025 || [[User:Tiagovieira|Tiago Vieira]] || X || XL || || <br />
|-<br />
| 026 || [[User:Lazzurs|Rob Lazzurs]] || || XXL || ||<br />
|-<br />
| 027 || [[User:e1luca|Ewan Luca]] || X || XXL || ||<br />
|-<br />
| 028 || [[User:linville|John W. Linville]] || X || XXL || ||<br />
|-<br />
| 029 || [[User:romal|Robert M. Albrecht]] || || XL || ||<br />
|-<br />
| 030 || [[User:twoerner|Thomas Woerner]] || || M || ||<br />
|-<br />
| 031 || [[User:wonderer|Henrik Heigl]] || X || XL || ||<br />
|-<br />
| 032 || [[User:jasper|Jasper Capel]] || ? || M || ||<br />
|-<br />
| 033 || [[User:nicubunu|Nicu Buculei]] || X || XL || || Trying to get a few more contributors from my country to participate<br />
|-<br />
| 034 || [[User:crossovo|Daniel Kretschmer]] || Helpful || M || ||<br />
|-<br />
| 035 || [[User:pknirsch|Phil Knirsch]] || || XL || ||<br />
|-<br />
| 036 || Luiz Davi L Martins || X || XXL || luizdavilm@gmail.com || I live in Mannheim (near Frankfurt).<br />
|-<br />
| 037 || [[User:johannbg|Johann B.]] || X || XL || ||<br />
|-<br />
| 038 || [[User:aarapov|Anton Arapov]] || X || L || ||<br />
|-<br />
| 039 || [[User:Giangy|Gianluca Varisco]] || X || XL || ||<br />
|-<br />
| 040 || [[User:mjung|Marko Jung]] || || XL || || ''I think I will be around ;-)''<br />
|-<br />
| 041 || [[FlorianFesti | Florian Festi]] || || XXXL || || Damn, one too early for 42<br />
|-<br />
| 042 || [[User:Nphilipp|Nils Philippsen]] || || XL || || Argh, one too late for 41<br />
|-<br />
| 043 || [[User:Mmaslano|Marcela Mašláňová]] || X || S || || <br />
|-<br />
| 044 || [[User:mjg|Michael J Gruber]] || || XXL || || Will probably stay with family.<br />
|-<br />
| 045 || [[User:jens|Jens Kühnel]] || would be nice || M || || <br />
|-<br />
| 046 || [[User:harald|Harald Hoyer]] || || L || || <br />
|-<br />
| 047 || Denys Vlasenko || || XL || ||<br />
|-<br />
| 049 || Armin Singer || || XL || fudconguest@equicon.de ||<br />
|-<br />
| 050 || [[SebastianDziallas]] || X || L || ||<br />
|-<br />
| 051 || [[HendrikRichter]] || || M || hendrikr@gnome.org || <br />
|-<br />
| 052 || [[User:kraxel|Gerd Hoffmann]] || || M || || Friday and Saturday only<br />
|-<br />
| 053 || [[User:Bochecha|Mathieu Bridon]] || X || M || || No ticket needed for LinuxTag, going only to FUDcon<br />
|-<br />
| 054 || [[User:Nashella|Nadège Michel]] || X || S || || No ticket needed for LinuxTag, going only to FUDcon<br />
|-<br />
| 055 || [[User:Gbraad|Gerard Braad]] || Helpful || M || || Not sure which date, maybe 26 or 27th<br />
|-<br />
| 056 || [[User:Pbrobinson|Peter Robinson]] || Helpful || L || || Prob arrive Thurs 25th.<br />
|-<br />
| 057 || [[User:Pvrabec|Peter Vrabec]] || X || M || || <br />
|-<br />
| 058 || [[User:Libbe|Espen Stefansen]] || Helpful || XL || || <br />
|-<br />
| 059 || [[User:Hans|Hans-Joachim Picht]] || || L || hans@fedoraproject.org || <br />
|-<br />
| 060 || Steffen Maier || || XL || smaier at users.sourceforge.net || <br />
|-<br />
| 061 || Renke Brausse || || M || rbrausse /at/ gmx.net || <br />
|-<br />
| 062 || Philipp Hanselmann || || M || philipp.hanselmann id.ethz.ch || <br />
|-<br />
| 063 || [[JoshBressers]] || || L || ||<br />
|-<br />
| 064 || [[MarkCox]] || || L || ||<br />
|-<br />
| 065 || [[User:Eteo|Eugene Teo]] || || XXL || ||<br />
|-<br />
| 066 || [[User:mdious|Murray McAllister]] || || M || ||<br />
|-<br />
| 067 || [[User:Jlieskov|Ján Lieskovský]] || || L || ||<br />
|-<br />
| 068 || [[User:vdanen|Vincent Danen]] || || L || ||<br />
|-<br />
| 069 || Johannes Berg || - || S || johannes -at- sipsolutions.net || wireless mini summit (will be there 25 afternoon - 28 afternoon)<br />
|-<br />
| 070 || [[User:choeger|Christoph Höger]] || || L || choeger@cs.tu-berlin.de || live in berlin<br />
|-<br />
| 071 || [[User:schonef|Marc Schoenefeld]] || || L || || 2 * 42 - 13 <br />
|-<br />
| 072 || Rainer Schaupp || - || XL || rschaupp -ät- kreativhaus-tpz.de || I live in B<br />
|-<br />
| 073 || Bob Copeland || || L || me -at- bobcopeland.com || @ wireless mini summit<br />
|-<br />
| 074 || Ivo van Doorn || || XL || IvDoorn -at- gmail.com || @ wireless mini summit<br />
|-<br />
| 075 || Luis Correia || X || XL || luis.f.correia -at- gmail.com || @ wireless mini summit<br />
|-<br />
| 076 || swamych || X || M || swamych -at- gmail.com ||<br />
|-<br />
| 077 || [[User:jpmcd|John P. McDonough]] || || XL || jp -at- is-sixsigma.com ||<br />
|-<br />
| 078 || [[User:duffy|Máirín Duffy]] || X || S or XS || duffy *~*at*~* redhat *~*dot*~* com || I <3 pink ponies<br />
|-<br />
| 079 || Thorsten Scherf || || L || tscherf -at- redhat.com || <br />
|-<br />
| 080 || Hin-Tak Leung || X || L || htl10 -at- users.sourceforge.net || @ wireless mini summit<br />
|-<br />
| 081 || [[User:Plautrba|Petr Lautrbach]] || X || L || ||<br />
|-<br />
| 082 || [[User:Heffer|Felix Kaechele]] || would be great || M || ||<br />
|-<br />
| 083 || [[User:jnovy|Jindřich Nový]] || X || L || ||<br />
|-<br />
| 084 || [[User:jskala|Jiří Skála]] || X || XL || ||<br />
|-<br />
| 085 || [[User:mapleoin|Ionuț Arțăriși]] || X || L ||<br />
|-<br />
| 086 || [[User:jsafrane|Jan Šafránek]] || X || L || ||<br />
|-<br />
| 087 || [[User:tsantore|Tristan Santore]] || || M || TSantore -at- fedoraproject.org ||<br />
|-<br />
| 088 || Felix Fietkau || || L || nbd -at- openwrt.org || @ wireless mini summit<br />
|-<br />
| 089 || Kern Sibbald || || L || kern -at- baculasystems.com || <br />
|-<br />
| 090 || Sumit Bose || || L || sbose -at- redhat.com || live near Berlin<br />
|-<br />
| 091 || [[User:bitshaka|Matthias Adler]] || || M || || live in berlin<br />
|-<br />
| 092 || Kalle Valo || || XXL || kalle.valo@iki.fi || @ wireless mini summit<br />
|-<br />
| 093 || [[User:andreasr|Andreas Rau]] || || L || Andreas.Rau@unibas.ch || <br />
|-<br />
| 094 || Niels Weber || || M || nath -at- wsjg.de || live in Berlin<br />
|-<br />
| 095 || Jouni Malinen || || || j@w1.fi || @ wireless mini summit<br />
|-<br />
| 096 || [[User:Hondra| Ondrej Hudlicky]] || X || L || || <br />
|-<br />
| 097 || Petr Muller || X || XL || pmuller -at- redhat.com || <br />
|-<br />
| 098 || [[User:Rdieter|Rex Dieter]] || X || XL || || partial funding (hopefully) coming from kde<br />
|-<br />
| 099 || Sirko Kemter || || XL || sirko at radiotux.de || <br />
|-<br />
| 100 || [[User:Markmc|Mark McLoughlin]] || || M || || <br />
|-<br />
| 101 || [[User:Rjones|Richard Jones]] || || XL || || Red Hat is funding<br />
|-<br />
| 102 || [[User:Jjmcd|John J. McDonough]] || || XL || || Was on here a few weeks ago but disappeared. Not to be confused with [[User:Jpmcd]] #77<br />
|-<br />
| 103 || [[User:thoger|Tomas Hoger]] || || L || ||<br />
|-<br />
| Number || Name || Funding? || Shirt size? || Email address (if not on your wiki page) || <br />
Notes<br />
|}<br />
<br />
<br />
[[Category:Events]] [[Category:FUDCon]]</div>Thogerhttps://fedoraproject.org/w/index.php?title=PackagingDrafts/PatchUpstreamStatus&diff=34219PackagingDrafts/PatchUpstreamStatus2008-06-13T07:29:47Z<p>Thoger: manually merge lost comments from wikiold lost during the moinmoin -> mediawiki transition. wiki team is aware of the issue, but does not seem to care...</p>
<hr />
<div>== All patches should have an upstream bug link or comment ==<br />
<br />
All patches in Fedora spec files '''SHOULD''' have a comment above them about their upstream status. Any time you create a patch, it is best practice to file it in an upstream bug tracker, and include a link to that in the comment above the patch. For example:<br />
<br />
<pre><br />
# http://bugzilla.gnome.org/show_bug.cgi?id=12345<br />
Patch0: gnome-panel-fix-frobnicator.patch<br />
</pre><br />
<br />
The above is perfectly acceptable; but if you prefer, a brief comment about what the patch does above can be helpful:<br />
<br />
<pre><br />
# Don't crash with frobnicator applet<br />
# http://bugzilla.gnome.org/show_bug.cgi?id=12345<br />
Patch0: gnome-panel-fix-frobnicator.patch<br />
</pre><br />
<br />
Sending patches upstream and adding this comment will help ensure that Fedora is acting as a good FLOSS citizen (see [[PackageMaintainers/WhyUpstream| Why Upstream?]] ). It will help others (and even you) down the line in package maintenance by knowing what patches are likely to appear in a new upstream release.<br />
<br />
=== If upstream doesn't have a bug tracker ===<br />
You can indicate that you have sent the patch upstream and any known status:<br />
<br />
<pre><br />
# Sent upstream via email 20080407<br />
Patch0: foobar-fix-the-bar.patch<br />
</pre><br />
<br />
<br />
<pre><br />
# Upstream has applied this in SVN trunk<br />
Patch0: foobar-fix-the-baz.patch<br />
</pre><br />
<br />
=== Fedora-specific (or rejected upstream) patches ===<br />
It may be that some patches truly are Fedora-specific; in that case, say so:<br />
<br />
<pre><br />
# This patch is temporary until we land the long term System.loadLibrary fix in OpenJDK<br />
Patch0: jna-jni-path.patch<br />
</pre><br />
<br />
= Why upstream? =<br />
<br />
Refer [[PackageMaintainers/WhyUpstream| Why Upstream?]]</div>Thoger