fix e-mail address #350
Closed
fix e-mail address #350
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Merged in 12aa832, thanks! |
ghost
deleted the
gentoo-bot
pushed a commit
that referenced
this pull request
Dec 6, 2018
commit c9cd57d Author: Zac Medico <zmedico@gentoo.org> Date: Tue Aug 7 21:04:19 2018 -0700 Updates for portage-2.3.45 release commit 807ac3d Author: Michael Orlitzky <mjo@gentoo.org> Date: Tue Aug 7 12:46:04 2018 -0400 bin/install-qa-check.d: add new 90bad-bin-group-write QA check. System executables that are writable by a non-root user pose a security risk. Anyone who can write to an executable can change its behavior. If that executable is later run with elevated privileges (say, by root, when the machine starts), then the non-root user can escalate his own privileges to those of the person running the modified executable. The 90bad-bin-owner check already addresses one cause for a non-root user to be able to modify an executable: because he owns it. This commit adds another check, to ensure that no non-root *groups* have write access to any system executables. On a "normal" system, all system executables should be writable only by the super-user's group, if any. To avoid false-positives, non-"normal" systems (like prefix) are skipped. Closes: https://bugs.gentoo.org/629398 commit 04e71a8 Author: Michael Orlitzky <mjo@gentoo.org> Date: Tue Aug 7 12:46:03 2018 -0400 bin/install-qa-check.d: add new 90bad-bin-owner QA check. System executables that are not owned by root pose a security risk. The owner of the executable is free to modify it at any time; so, for example, he can change a daemon's behavior to make it malicious before the next time the service is started (usually by root). On a "normal" system, the superuser should own every system executable (even setuid ones, for security reasons). This commit adds a new install-time check that reports any such binaries with a QA warning. To avoid false positives, non-"normal" systems (like prefix) are skipped at the moment. Bug: https://bugs.gentoo.org/629398 commit eb81c80 Author: Zac Medico <zmedico@gentoo.org> Date: Tue Aug 7 11:29:51 2018 -0700 action_metadata: refresh eclass cache (bug 663022) After sync, the eclass cache can contain stale data, therefore use the update_eclasses method to refresh it. Bug: https://bugs.gentoo.org/663022 commit 3f462e9 Author: Zac Medico <zmedico@gentoo.org> Date: Mon Aug 6 16:38:55 2018 -0700 Refer to "ebuild repository" rather than "portage tree" commit 78c52aa Author: Zac Medico <zmedico@gentoo.org> Date: Mon Aug 6 11:42:29 2018 -0700 repoman: remove obsolete herds checks commit 6b4252d Author: Zac Medico <zmedico@gentoo.org> Date: Sat Jul 28 14:22:42 2018 -0700 Add asyncio.create_subprocess_exec support for python2 (bug 662388) The asyncio.create_subprocess_exec function is essential for using subprocesses in coroutines, so add support to do this for python2. This paves the way for extensive use of coroutines in portage, since coroutines are well-suited for many portage tasks that involve subprocesses. Bug: https://bugs.gentoo.org/662388 commit f391b2c Author: Zac Medico <zmedico@gentoo.org> Date: Sat Aug 4 13:18:47 2018 -0700 compression_probe: decompress zstd --long=31 (bug 634980) In order to decompress files compressed with zstd --long=31, add --long=31 to the zstd decompress options. Even though zstd compression does not support --long=31 on 32-bit platforms, decompression with --long=31 still works as long as the file was compressed with a smaller windowLog. Reported-by: Martin Väth <martin@mvath.de> Bug: https://bugs.gentoo.org/634980 commit 12aa832 Author: Francesco Turco <fturco@fastmail.fm> Date: Sat Aug 4 20:47:40 2018 +0200 install-qa-check.d: fix hardened@g.o e-mail address Closes: #350 Signed-off-by: Fabian Groffen <grobian@gentoo.org>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.