dag at wieers.com
Sun Nov 14 14:23:04 CET 2010
On Sun, 14 Nov 2010, Nils Breunese (Lemonbit) wrote:
> Yury V. Zaytsev wrote:
>> No announcement has been made so far, because the migration is not
>> complete as of yet.
> Since the migration is already impacting users, I expected an
> announcement. I just joined this mailinglist today, so I thought I might
> have missed it, but I couldn't find anything on the website or in the
> mailinglist archive, so I joined to ask.
In fact the problems you are seeing right now is because of a bug in the
repository metadata creation. It has been resolved, but the issue may
remain for the next 12 to 24 hours. Thank god it's Sunday, people are
>>> * I can't find subversion nor mod_dav_svn in either repository (checked
>>> for EL4-i386). Will they be back?
>> Well, the old ones were cleaned already because of CVE's I guess and new
>> one doesn't build because of illegal macro substitutions + unresolved
>> ruby deps for ruby bindings.
>> This can be worked around and the whole package is asking for a revamp,
>> but I don't have time AND build host to debug it, so hopefully someone
>> else will take care of this.
> So a security conscious user's best bet is currently to downgrade back
> from subversion-1.4.6-0.2.el4.rf to subversion-1.1.4-3.el4_8.2? Hm, I'd
> have to look into that, since that will also mean converting all
> repositories back to an older Subversion repository format.
No, due to the same problem mentioned above, the packages are in the wrong
place (most of them are in the extras repository because of this bug).
Once the mirrors are fixed, they should be available again. However, the
subversion packages replace the original Red Hat packages and will stay in
the extras repository.
Exactly because of the fact we cannot guarantee security-problems are
fixed, they shouldn't be offered by default. If security is very
important, you should stay with rpmforge and not use rpmforge-extras.
-- dag wieers, dag at wieers.com, http://dag.wieers.com/
-- dagit linux solutions, info at dagit.net, http://dagit.net/
[Any errors in spelling, tact or fact are transmission errors]
More information about the users