{"update": {"autokarma": false, "autotime": false, "stable_karma": 3, "stable_days": 14, "unstable_karma": -3, "require_bugs": true, "require_testcases": true, "display_name": "", "notes": "Update to 2.10.3\n\n* Fix CVE-2022-40303\n* Fix CVE-2022-40304\n\n", "type": "security", "status": "unpushed", "request": null, "severity": "medium", "suggest": "logout", "locked": false, "pushed": false, "critpath": true, "critpath_groups": null, "close_bugs": true, "date_submitted": "2022-10-21 12:08:07", "date_modified": "2022-11-03 17:46:38", "date_approved": null, "date_testing": "2022-11-04 10:55:25", "date_stable": null, "alias": "FEDORA-2022-fcf5dbb447", "test_gating_status": "passed", "from_tag": null, "date_pushed": "2022-11-04 10:55:25", "meets_testing_requirements": true, "url": "https://bodhi.stg.fedoraproject.org/updates/FEDORA-2022-fcf5dbb447", "title": "libxml2-2.10.3-2.fc35 xmlsec1-1.2.29-5.fc35", "version_hash": "e9d0a97d668cfe0e895bdd362e74501cfa1d4ad7", "release": {"name": "F35", "long_name": "Fedora 35", "version": "35", "id_prefix": "FEDORA", "branch": "f35", "dist_tag": "f35", "stable_tag": "f35-updates", "testing_tag": "f35-updates-testing", "candidate_tag": "f35-updates-candidate", "pending_signing_tag": "f35-signing-pending", "pending_testing_tag": "f35-updates-testing-pending", "pending_stable_tag": "f35-updates-pending", "override_tag": "f35-override", "mail_template": "fedora_errata_template", "state": "archived", "composed_by_bodhi": true, "create_automatic_updates": false, "package_manager": "dnf", "testing_repository": "updates-testing", "released_on": null, "eol": null, "critpath_mandatory_days_in_testing": 14, "mandatory_days_in_testing": 7, "critpath_min_karma": 2, "min_karma": 1, "setting_status": null}, "user": {"name": "amigadave", "email": "amigadave@amigadave.com", "id": 545, "avatar": "https://seccdn.libravatar.org/avatar/aed12a04608957ae5588a69eb02529be4012f55b05b05cd5ede2355bdf3e0b4e?s=24&d=retro", "openid": "amigadave.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "gnome-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}, "comments": [{"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for testing by amigadave. ", "timestamp": "2022-10-21 12:08:08", "update_id": 456130, "user_id": 91, "id": 2758822, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'waiting'.", "timestamp": "2022-10-21 12:08:08", "update_id": 456130, "user_id": 91, "id": 2758823, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'failed'.", "timestamp": "2022-10-21 12:23:34", "update_id": 456130, "user_id": 91, "id": 2758825, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'passed'.", "timestamp": "2022-10-21 16:52:19", "update_id": 456130, "user_id": 91, "id": 2759191, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to testing.", "timestamp": "2022-10-22 14:55:39", "update_id": 456130, "user_id": 91, "id": 2759728, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "amigadave edited this update.\n\nNew build(s):\n\n- xmlsec1-1.2.29-5.fc35\n\nKarma has been reset.", "timestamp": "2022-10-24 10:56:57", "update_id": 456130, "user_id": 91, "id": 2762000, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for testing by amigadave. ", "timestamp": "2022-10-24 10:57:03", "update_id": 456130, "user_id": 91, "id": 2762001, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to testing.", "timestamp": "2022-10-24 14:20:19", "update_id": 456130, "user_id": 91, "id": 2762359, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": -1, "karma_critpath": 0, "text": "https://bugzilla.redhat.com/show_bug.cgi?id=2139546\n\nThe 2.10.3 update breaks ABI by removing over 100 symbols.", "timestamp": "2022-11-03 17:03:31", "update_id": 456130, "user_id": 388, "id": 2772637, "bug_feedback": [{"karma": 0, "comment_id": 2772637, "bug_id": 2119077, "bug": {"bug_id": 2119077, "title": "libxml2-2.10.2 is available", "security": false, "parent": false}}, {"karma": 0, "comment_id": 2772637, "bug_id": 2136274, "bug": {"bug_id": 2136274, "title": "CVE-2022-40303 libxml2: integer overflows with XML_PARSE_HUGE [fedora-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 2772637, "bug_id": 2136293, "bug": {"bug_id": 2136293, "title": "CVE-2022-40304 libxml2: dict corruption caused by entity reference cycles [fedora-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 2772637, "bug_id": 2136800, "bug": {"bug_id": 2136800, "title": "openconnect fails due to missing symbol xmlIOFTPRead", "security": false, "parent": false}}], "testcase_feedback": [], "user": {"name": "decathorpe", "email": "decathorpe@gmail.com", "id": 388, "avatar": "https://seccdn.libravatar.org/avatar/67f4ac6a6b20752d6c2ff1f21b29d10c6fcdd05a35ffccdca789fe670dfc3efb?s=24&d=retro", "openid": "decathorpe.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "rust-sig"}, {"name": "packaging-committee"}, {"name": "libreoffice-sig"}, {"name": "multimedia-sig"}, {"name": "diversity-pride"}, {"name": "pantheon-sig"}]}}, {"karma": 0, "karma_critpath": 0, "text": "Bodhi is disabling automatic push to stable due to negative karma. The maintainer may push manually if they determine that the issue is not severe.", "timestamp": "2022-11-03 17:03:31", "update_id": 456130, "user_id": 91, "id": 2772638, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "adamwill edited this update.\n\nNew build(s):\n\n- libxml2-2.10.3-2.fc35\n\nRemoved build(s):\n\n- libxml2-2.10.3-1.fc35\n\nKarma has been reset.", "timestamp": "2022-11-03 17:46:29", "update_id": 456130, "user_id": 91, "id": 2772668, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for testing by adamwill. ", "timestamp": "2022-11-03 17:46:36", "update_id": 456130, "user_id": 91, "id": 2772669, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to testing.", "timestamp": "2022-11-04 10:55:55", "update_id": 456130, "user_id": 91, "id": 2773166, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2022-11-14 03:41:36", "update_id": 456130, "user_id": 5881, "id": 2783781, "bug_feedback": [{"karma": 1, "comment_id": 2783781, "bug_id": 2119077, "bug": {"bug_id": 2119077, "title": "libxml2-2.10.2 is available", "security": false, "parent": false}}], "testcase_feedback": [], "user": {"name": "geraldosimiao", "email": "geraldo.simiao.kutz@gmail.com", "id": 5881, "avatar": "https://seccdn.libravatar.org/avatar/03fa5b58e8ac78544bf41ad8ecf9ee1920f2ebedb86542c2f4cdf7ef15813168?s=24&d=retro", "openid": "geraldosimiao.id.stg.fedoraproject.org", "groups": [{"name": "qa"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "fedora-br"}, {"name": "advocates"}, {"name": "respins-sig"}]}}, {"karma": 0, "karma_critpath": 0, "text": "This update can be pushed to stable now if the maintainer wishes", "timestamp": "2022-11-18 10:57:19", "update_id": 456130, "user_id": 91, "id": 2789469, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been unpushed.", "timestamp": "2022-11-21 08:49:32", "update_id": 456130, "user_id": 545, "id": 2791708, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "amigadave", "email": "amigadave@amigadave.com", "id": 545, "avatar": "https://seccdn.libravatar.org/avatar/aed12a04608957ae5588a69eb02529be4012f55b05b05cd5ede2355bdf3e0b4e?s=24&d=retro", "openid": "amigadave.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "gnome-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}], "builds": [{"nvr": "libxml2-2.10.3-2.fc35", "signed": true, "release_id": 51, "type": "rpm", "epoch": 0}, {"nvr": "xmlsec1-1.2.29-5.fc35", "signed": true, "release_id": 51, "type": "rpm", "epoch": 0}], "bugs": [{"bug_id": 2119077, "title": "libxml2-2.10.2 is available", "security": false, "parent": false, "feedback": [{"karma": 0, "comment_id": 2759847, "bug_id": 2119077, "comment": {"karma": -1, "karma_critpath": 0, "text": "Can confirm that `dnf downgrade libxml2` fixes openconnect.", "timestamp": "2022-10-22 17:20:23", "update_id": 455982, "user_id": 7333, "id": 2759847, "testcase_feedback": [], "user": {"name": "arkadiuszn", "email": "niemiec.arkadiusz@gmail.com", "id": 7333, "avatar": "https://seccdn.libravatar.org/avatar/a96cb5ca81fa2a2579cb9fe5e58fba8c7ec4d8b287ec49bea2c7761e83834d14?s=24&d=retro", "openid": "arkadiuszn.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}]}}}, {"karma": 0, "comment_id": 2761891, "bug_id": 2119077, "comment": {"karma": -1, "karma_critpath": 0, "text": "It breaks openconnect, see https://bugzilla.redhat.com/show_bug.cgi?id=2136800.\nEither the FTP support needs to be enabled to keep the symbols, or xmlsec1 (at least) need to be rebuilt.", "timestamp": "2022-10-24 09:02:30", "update_id": 456000, "user_id": 2132, "id": 2761891, "testcase_feedback": [], "user": {"name": "hwti", "email": "loic.yhuel@gmail.com", "id": 2132, "avatar": "https://seccdn.libravatar.org/avatar/ed85719acc27c4c2c948b93ed76351b57471d7a4349b58f751d002793380b9a2?s=24&d=retro", "openid": "hwti.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}]}}}, {"karma": 0, "comment_id": 2762222, "bug_id": 2119077, "comment": {"karma": 0, "karma_critpath": 0, "text": "Fixed openconnect bug here :-)", "timestamp": "2022-10-24 13:16:15", "update_id": 455982, "user_id": 1290, "id": 2762222, "testcase_feedback": [], "user": {"name": "kimbisgaard", "email": "kim-rh@roedderne.dk", "id": 1290, "avatar": "https://seccdn.libravatar.org/avatar/14a395dd3ff57d3eb710fc38724e424a595ae829174a152643ec6573ed1abd6c?s=24&d=retro", "openid": "kimbisgaard.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 2762668, "bug_id": 2119077, "comment": {"karma": 1, "karma_critpath": 0, "text": "openconnect now works fine with the rebuilt xmlsec1", "timestamp": "2022-10-24 18:35:39", "update_id": 456000, "user_id": 2132, "id": 2762668, "testcase_feedback": [], "user": {"name": "hwti", "email": "loic.yhuel@gmail.com", "id": 2132, "avatar": "https://seccdn.libravatar.org/avatar/ed85719acc27c4c2c948b93ed76351b57471d7a4349b58f751d002793380b9a2?s=24&d=retro", "openid": "hwti.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}]}}}, {"karma": 0, "comment_id": 2763229, "bug_id": 2119077, "comment": {"karma": 1, "karma_critpath": 0, "text": "Can confirm, thank you :)", "timestamp": "2022-10-25 12:44:45", "update_id": 455982, "user_id": 7333, "id": 2763229, "testcase_feedback": [], "user": {"name": "arkadiuszn", "email": "niemiec.arkadiusz@gmail.com", "id": 7333, "avatar": "https://seccdn.libravatar.org/avatar/a96cb5ca81fa2a2579cb9fe5e58fba8c7ec4d8b287ec49bea2c7761e83834d14?s=24&d=retro", "openid": "arkadiuszn.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}]}}}, {"karma": 0, "comment_id": 2763591, "bug_id": 2119077, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2022-10-25 15:50:10", "update_id": 455982, "user_id": 240, "id": 2763591, "testcase_feedback": [], "user": {"name": "ellert", "email": "mattias.ellert@physics.uu.se", "id": 240, "avatar": "https://seccdn.libravatar.org/avatar/01757ac6220c7c80daecba48378c2721a35cf00771becbb512a1ec0b1043f5ea?s=24&d=retro", "openid": "ellert.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "r-maint-sig"}]}}}, {"karma": 0, "comment_id": 2768252, "bug_id": 2119077, "comment": {"karma": 0, "karma_critpath": 0, "text": "Note that GraphicsMagick (and users) suffers from a similar problem like xmlsec did: bz#2138022", "timestamp": "2022-10-30 21:31:12", "update_id": 456000, "user_id": 1187, "id": 2768252, "testcase_feedback": [], "user": {"name": "mjg", "email": "michaeljgruber+fedoraproject@gmail.com", "id": 1187, "avatar": "https://seccdn.libravatar.org/avatar/7fd198f2b9576f3342c1a6fe4e4aff7cb5998c4538563d86c03cd49c088f8822?s=24&d=retro", "openid": "mjg.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "triagers"}]}}}, {"karma": 0, "comment_id": 2772639, "bug_id": 2119077, "comment": {"karma": 0, "karma_critpath": 0, "text": "Unfortunately, this went to stable already....", "timestamp": "2022-11-03 17:05:21", "update_id": 456000, "user_id": 152, "id": 2772639, "testcase_feedback": [], "user": {"name": "mtasaka", "email": "mtasaka@tbz.t-com.ne.jp", "id": 152, "avatar": "https://seccdn.libravatar.org/avatar/0b585d87cae65e5ce025d249461c68ab04d93872aef70244747284152ccda5d5?s=24&d=retro", "openid": "mtasaka.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 0, "comment_id": 2759841, "bug_id": 2119077, "comment": {"karma": 0, "karma_critpath": 0, "text": "This breaks the openconnect:\n$ openconnect --help\nopenconnect: symbol lookup error: /lib64/libxmlsec1.so.1: undefined symbol: xmlIOFTPRead, version LIBXML2_2.4.30\nSimilar issue to arch:\nhttps://bugs.archlinux.org/task/75721", "timestamp": "2022-10-22 16:31:40", "update_id": 455982, "user_id": 7333, "id": 2759841, "testcase_feedback": [], "user": {"name": "arkadiuszn", "email": "niemiec.arkadiusz@gmail.com", "id": 7333, "avatar": "https://seccdn.libravatar.org/avatar/a96cb5ca81fa2a2579cb9fe5e58fba8c7ec4d8b287ec49bea2c7761e83834d14?s=24&d=retro", "openid": "arkadiuszn.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}]}}}, {"karma": 0, "comment_id": 2769960, "bug_id": 2119077, "comment": {"karma": -1, "karma_critpath": 0, "text": "For now putting negative karma, ImageMagick is also broken at least. \n\nAnd many other symbols (other than ftp related) are also removed from libxml2, so I am not confident about all affected packages.", "timestamp": "2022-11-01 15:34:29", "update_id": 455982, "user_id": 152, "id": 2769960, "testcase_feedback": [], "user": {"name": "mtasaka", "email": "mtasaka@tbz.t-com.ne.jp", "id": 152, "avatar": "https://seccdn.libravatar.org/avatar/0b585d87cae65e5ce025d249461c68ab04d93872aef70244747284152ccda5d5?s=24&d=retro", "openid": "mtasaka.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 0, "comment_id": 2772676, "bug_id": 2119077, "comment": {"karma": 0, "karma_critpath": 0, "text": "-2 should restore the required symbols, thanks to @mtasaka . Some are still missing, but we're *hopeful* that nothing was actually using them in practice. We've reported https://gitlab.gnome.org/GNOME/libxml2/-/issues/433 upstream.", "timestamp": "2022-11-03 17:54:47", "update_id": 455982, "user_id": 302, "id": 2772676, "testcase_feedback": [], "user": {"name": "adamwill", "email": "awilliam@redhat.com", "id": 302, "avatar": "https://seccdn.libravatar.org/avatar/51720fbb2ec5dfd2bc005ac374a3bfd3190cb8f45f3bb8d6bdf35fb6a051d03b?s=24&d=retro", "openid": "adamwill.id.stg.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "provenpackager"}, {"name": "packager"}, {"name": "qa-tools-sig"}, {"name": "fedora-contributor"}, {"name": "news"}, {"name": "gittriage"}, {"name": "sysadmin"}, {"name": "gitspin-kickstarts"}, {"name": "signed_fpca"}, {"name": "gitgeneric-release"}, {"name": "yak_farmers"}, {"name": "triagers"}, {"name": "qa"}, {"name": "sysadmin-qa"}, {"name": "fedorabugs"}, {"name": "ipausers"}, {"name": "gitmkinitrd"}, {"name": "qa-admin"}, {"name": "aws-qa"}, {"name": "change-wranglers"}, {"name": "fedora-ci-admins"}, {"name": "common-issues-triage"}, {"name": "sysadmin-main"}, {"name": "program-management"}, {"name": "gitfedora-project-schedule"}]}}}, {"karma": 0, "comment_id": 2781696, "bug_id": 2119077, "comment": {"karma": 1, "karma_critpath": 0, "text": "This fixes the symbols issue for me. Can we get it pushed to stable?", "timestamp": "2022-11-11 01:19:38", "update_id": 455982, "user_id": 659, "id": 2781696, "testcase_feedback": [], "user": {"name": "dustymabe", "email": "dusty@dustymabe.com", "id": 659, "avatar": "https://seccdn.libravatar.org/avatar/9ec855a28fe61a7fe3d6788882c87ee4c95b38da423234fbb70673a977552c4c?s=24&d=retro", "openid": "dustymabe.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "sysadmin-badges"}, {"name": "aws"}, {"name": "qa-beaker-user"}, {"name": "gitfedora-web"}, {"name": "centosproject-email-aliases"}, {"name": "fi-apprentice"}, {"name": "sysadmin-veteran"}, {"name": "web"}, {"name": "sig-paas"}, {"name": "atomic-wg"}, {"name": "qa"}, {"name": "fedorabugs"}, {"name": "msftazure"}, {"name": "pungi-devel"}, {"name": "qa-automation-shell"}, {"name": "sysadmin-fedimg"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "coreos"}, {"name": "sysadmin"}, {"name": "communishift"}, {"name": "aws-fcos-mgmt"}, {"name": "sysadmin-bodhi"}, {"name": "sysadmin-releng"}, {"name": "sysadmin-coreos"}, {"name": "ipausers"}, {"name": "ibmcloud"}, {"name": "discussion-mods-project"}, {"name": "discussion-mods-ask"}, {"name": "hetznercloud"}, {"name": "coreos-sig"}]}}}, {"karma": 0, "comment_id": 2772145, "bug_id": 2119077, "comment": {"karma": -1, "karma_critpath": 0, "text": "Breaking ABI is not OK without rebuilding all dependent packages (if that's even possible), and shouldn't happen so late in the Fedora 37 cycle anyway.", "timestamp": "2022-11-03 10:25:15", "update_id": 455982, "user_id": 388, "id": 2772145, "testcase_feedback": [], "user": {"name": "decathorpe", "email": "decathorpe@gmail.com", "id": 388, "avatar": "https://seccdn.libravatar.org/avatar/67f4ac6a6b20752d6c2ff1f21b29d10c6fcdd05a35ffccdca789fe670dfc3efb?s=24&d=retro", "openid": "decathorpe.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "rust-sig"}, {"name": "packaging-committee"}, {"name": "libreoffice-sig"}, {"name": "multimedia-sig"}, {"name": "diversity-pride"}, {"name": "pantheon-sig"}]}}}, {"karma": 0, "comment_id": 2772591, "bug_id": 2119077, "comment": {"karma": -1, "karma_critpath": 0, "text": "https://bugzilla.redhat.com/show_bug.cgi?id=2139546", "timestamp": "2022-11-03 16:48:01", "update_id": 456000, "user_id": 659, "id": 2772591, "testcase_feedback": [], "user": {"name": "dustymabe", "email": "dusty@dustymabe.com", "id": 659, "avatar": "https://seccdn.libravatar.org/avatar/9ec855a28fe61a7fe3d6788882c87ee4c95b38da423234fbb70673a977552c4c?s=24&d=retro", "openid": "dustymabe.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "sysadmin-badges"}, {"name": "aws"}, {"name": "qa-beaker-user"}, {"name": "gitfedora-web"}, {"name": "centosproject-email-aliases"}, {"name": "fi-apprentice"}, {"name": "sysadmin-veteran"}, {"name": "web"}, {"name": "sig-paas"}, {"name": "atomic-wg"}, {"name": "qa"}, {"name": "fedorabugs"}, {"name": "msftazure"}, {"name": "pungi-devel"}, {"name": "qa-automation-shell"}, {"name": "sysadmin-fedimg"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "coreos"}, {"name": "sysadmin"}, {"name": "communishift"}, {"name": "aws-fcos-mgmt"}, {"name": "sysadmin-bodhi"}, {"name": "sysadmin-releng"}, {"name": "sysadmin-coreos"}, {"name": "ipausers"}, {"name": "ibmcloud"}, {"name": "discussion-mods-project"}, {"name": "discussion-mods-ask"}, {"name": "hetznercloud"}, {"name": "coreos-sig"}]}}}, {"karma": 0, "comment_id": 2772594, "bug_id": 2119077, "comment": {"karma": -1, "karma_critpath": 0, "text": "https://bugzilla.redhat.com/show_bug.cgi?id=2139546", "timestamp": "2022-11-03 16:48:24", "update_id": 455982, "user_id": 659, "id": 2772594, "testcase_feedback": [], "user": {"name": "dustymabe", "email": "dusty@dustymabe.com", "id": 659, "avatar": "https://seccdn.libravatar.org/avatar/9ec855a28fe61a7fe3d6788882c87ee4c95b38da423234fbb70673a977552c4c?s=24&d=retro", "openid": "dustymabe.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "sysadmin-badges"}, {"name": "aws"}, {"name": "qa-beaker-user"}, {"name": "gitfedora-web"}, {"name": "centosproject-email-aliases"}, {"name": "fi-apprentice"}, {"name": "sysadmin-veteran"}, {"name": "web"}, {"name": "sig-paas"}, {"name": "atomic-wg"}, {"name": "qa"}, {"name": "fedorabugs"}, {"name": "msftazure"}, {"name": "pungi-devel"}, {"name": "qa-automation-shell"}, {"name": "sysadmin-fedimg"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "coreos"}, {"name": "sysadmin"}, {"name": "communishift"}, {"name": "aws-fcos-mgmt"}, {"name": "sysadmin-bodhi"}, {"name": "sysadmin-releng"}, {"name": "sysadmin-coreos"}, {"name": "ipausers"}, {"name": "ibmcloud"}, {"name": "discussion-mods-project"}, {"name": "discussion-mods-ask"}, {"name": "hetznercloud"}, {"name": "coreos-sig"}]}}}, {"karma": 0, "comment_id": 2772634, "bug_id": 2119077, "comment": {"karma": -1, "karma_critpath": 0, "text": "", "timestamp": "2022-11-03 17:01:38", "update_id": 456000, "user_id": 388, "id": 2772634, "testcase_feedback": [], "user": {"name": "decathorpe", "email": "decathorpe@gmail.com", "id": 388, "avatar": "https://seccdn.libravatar.org/avatar/67f4ac6a6b20752d6c2ff1f21b29d10c6fcdd05a35ffccdca789fe670dfc3efb?s=24&d=retro", "openid": "decathorpe.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "rust-sig"}, {"name": "packaging-committee"}, {"name": "libreoffice-sig"}, {"name": "multimedia-sig"}, {"name": "diversity-pride"}, {"name": "pantheon-sig"}]}}}, {"karma": 0, "comment_id": 2772637, "bug_id": 2119077, "comment": {"karma": -1, "karma_critpath": 0, "text": "https://bugzilla.redhat.com/show_bug.cgi?id=2139546\n\nThe 2.10.3 update breaks ABI by removing over 100 symbols.", "timestamp": "2022-11-03 17:03:31", "update_id": 456130, "user_id": 388, "id": 2772637, "testcase_feedback": [], "user": {"name": "decathorpe", "email": "decathorpe@gmail.com", "id": 388, "avatar": "https://seccdn.libravatar.org/avatar/67f4ac6a6b20752d6c2ff1f21b29d10c6fcdd05a35ffccdca789fe670dfc3efb?s=24&d=retro", "openid": "decathorpe.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "rust-sig"}, {"name": "packaging-committee"}, {"name": "libreoffice-sig"}, {"name": "multimedia-sig"}, {"name": "diversity-pride"}, {"name": "pantheon-sig"}]}}}, {"karma": 0, "comment_id": 2781922, "bug_id": 2119077, "comment": {"karma": 1, "karma_critpath": 0, "text": "Looks good.", "timestamp": "2022-11-11 11:02:56", "update_id": 455982, "user_id": 152, "id": 2781922, "testcase_feedback": [], "user": {"name": "mtasaka", "email": "mtasaka@tbz.t-com.ne.jp", "id": 152, "avatar": "https://seccdn.libravatar.org/avatar/0b585d87cae65e5ce025d249461c68ab04d93872aef70244747284152ccda5d5?s=24&d=retro", "openid": "mtasaka.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 1, "comment_id": 2783781, "bug_id": 2119077, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2022-11-14 03:41:36", "update_id": 456130, "user_id": 5881, "id": 2783781, "testcase_feedback": [], "user": {"name": "geraldosimiao", "email": "geraldo.simiao.kutz@gmail.com", "id": 5881, "avatar": "https://seccdn.libravatar.org/avatar/03fa5b58e8ac78544bf41ad8ecf9ee1920f2ebedb86542c2f4cdf7ef15813168?s=24&d=retro", "openid": "geraldosimiao.id.stg.fedoraproject.org", "groups": [{"name": "qa"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "fedora-br"}, {"name": "advocates"}, {"name": "respins-sig"}]}}}]}, {"bug_id": 2136274, "title": "CVE-2022-40303 libxml2: integer overflows with XML_PARSE_HUGE [fedora-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 2759847, "bug_id": 2136274, "comment": {"karma": -1, "karma_critpath": 0, "text": "Can confirm that `dnf downgrade libxml2` fixes openconnect.", "timestamp": "2022-10-22 17:20:23", "update_id": 455982, "user_id": 7333, "id": 2759847, "testcase_feedback": [], "user": {"name": "arkadiuszn", "email": "niemiec.arkadiusz@gmail.com", "id": 7333, "avatar": "https://seccdn.libravatar.org/avatar/a96cb5ca81fa2a2579cb9fe5e58fba8c7ec4d8b287ec49bea2c7761e83834d14?s=24&d=retro", "openid": "arkadiuszn.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}]}}}, {"karma": 0, "comment_id": 2761891, "bug_id": 2136274, "comment": {"karma": -1, "karma_critpath": 0, "text": "It breaks openconnect, see https://bugzilla.redhat.com/show_bug.cgi?id=2136800.\nEither the FTP support needs to be enabled to keep the symbols, or xmlsec1 (at least) need to be rebuilt.", "timestamp": "2022-10-24 09:02:30", "update_id": 456000, "user_id": 2132, "id": 2761891, "testcase_feedback": [], "user": {"name": "hwti", "email": "loic.yhuel@gmail.com", "id": 2132, "avatar": "https://seccdn.libravatar.org/avatar/ed85719acc27c4c2c948b93ed76351b57471d7a4349b58f751d002793380b9a2?s=24&d=retro", "openid": "hwti.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}]}}}, {"karma": 0, "comment_id": 2762222, "bug_id": 2136274, "comment": {"karma": 0, "karma_critpath": 0, "text": "Fixed openconnect bug here :-)", "timestamp": "2022-10-24 13:16:15", "update_id": 455982, "user_id": 1290, "id": 2762222, "testcase_feedback": [], "user": {"name": "kimbisgaard", "email": "kim-rh@roedderne.dk", "id": 1290, "avatar": "https://seccdn.libravatar.org/avatar/14a395dd3ff57d3eb710fc38724e424a595ae829174a152643ec6573ed1abd6c?s=24&d=retro", "openid": "kimbisgaard.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 2762668, "bug_id": 2136274, "comment": {"karma": 1, "karma_critpath": 0, "text": "openconnect now works fine with the rebuilt xmlsec1", "timestamp": "2022-10-24 18:35:39", "update_id": 456000, "user_id": 2132, "id": 2762668, "testcase_feedback": [], "user": {"name": "hwti", "email": "loic.yhuel@gmail.com", "id": 2132, "avatar": "https://seccdn.libravatar.org/avatar/ed85719acc27c4c2c948b93ed76351b57471d7a4349b58f751d002793380b9a2?s=24&d=retro", "openid": "hwti.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}]}}}, {"karma": 0, "comment_id": 2763229, "bug_id": 2136274, "comment": {"karma": 1, "karma_critpath": 0, "text": "Can confirm, thank you :)", "timestamp": "2022-10-25 12:44:45", "update_id": 455982, "user_id": 7333, "id": 2763229, "testcase_feedback": [], "user": {"name": "arkadiuszn", "email": "niemiec.arkadiusz@gmail.com", "id": 7333, "avatar": "https://seccdn.libravatar.org/avatar/a96cb5ca81fa2a2579cb9fe5e58fba8c7ec4d8b287ec49bea2c7761e83834d14?s=24&d=retro", "openid": "arkadiuszn.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}]}}}, {"karma": 0, "comment_id": 2763591, "bug_id": 2136274, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2022-10-25 15:50:10", "update_id": 455982, "user_id": 240, "id": 2763591, "testcase_feedback": [], "user": {"name": "ellert", "email": "mattias.ellert@physics.uu.se", "id": 240, "avatar": "https://seccdn.libravatar.org/avatar/01757ac6220c7c80daecba48378c2721a35cf00771becbb512a1ec0b1043f5ea?s=24&d=retro", "openid": "ellert.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "r-maint-sig"}]}}}, {"karma": 0, "comment_id": 2768252, "bug_id": 2136274, "comment": {"karma": 0, "karma_critpath": 0, "text": "Note that GraphicsMagick (and users) suffers from a similar problem like xmlsec did: bz#2138022", "timestamp": "2022-10-30 21:31:12", "update_id": 456000, "user_id": 1187, "id": 2768252, "testcase_feedback": [], "user": {"name": "mjg", "email": "michaeljgruber+fedoraproject@gmail.com", "id": 1187, "avatar": "https://seccdn.libravatar.org/avatar/7fd198f2b9576f3342c1a6fe4e4aff7cb5998c4538563d86c03cd49c088f8822?s=24&d=retro", "openid": "mjg.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "triagers"}]}}}, {"karma": 0, "comment_id": 2772639, "bug_id": 2136274, "comment": {"karma": 0, "karma_critpath": 0, "text": "Unfortunately, this went to stable already....", "timestamp": "2022-11-03 17:05:21", "update_id": 456000, "user_id": 152, "id": 2772639, "testcase_feedback": [], "user": {"name": "mtasaka", "email": "mtasaka@tbz.t-com.ne.jp", "id": 152, "avatar": "https://seccdn.libravatar.org/avatar/0b585d87cae65e5ce025d249461c68ab04d93872aef70244747284152ccda5d5?s=24&d=retro", "openid": "mtasaka.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 0, "comment_id": 2759841, "bug_id": 2136274, "comment": {"karma": 0, "karma_critpath": 0, "text": "This breaks the openconnect:\n$ openconnect --help\nopenconnect: symbol lookup error: /lib64/libxmlsec1.so.1: undefined symbol: xmlIOFTPRead, version LIBXML2_2.4.30\nSimilar issue to arch:\nhttps://bugs.archlinux.org/task/75721", "timestamp": "2022-10-22 16:31:40", "update_id": 455982, "user_id": 7333, "id": 2759841, "testcase_feedback": [], "user": {"name": "arkadiuszn", "email": "niemiec.arkadiusz@gmail.com", "id": 7333, "avatar": "https://seccdn.libravatar.org/avatar/a96cb5ca81fa2a2579cb9fe5e58fba8c7ec4d8b287ec49bea2c7761e83834d14?s=24&d=retro", "openid": "arkadiuszn.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}]}}}, {"karma": 0, "comment_id": 2769960, "bug_id": 2136274, "comment": {"karma": -1, "karma_critpath": 0, "text": "For now putting negative karma, ImageMagick is also broken at least. \n\nAnd many other symbols (other than ftp related) are also removed from libxml2, so I am not confident about all affected packages.", "timestamp": "2022-11-01 15:34:29", "update_id": 455982, "user_id": 152, "id": 2769960, "testcase_feedback": [], "user": {"name": "mtasaka", "email": "mtasaka@tbz.t-com.ne.jp", "id": 152, "avatar": "https://seccdn.libravatar.org/avatar/0b585d87cae65e5ce025d249461c68ab04d93872aef70244747284152ccda5d5?s=24&d=retro", "openid": "mtasaka.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 0, "comment_id": 2772676, "bug_id": 2136274, "comment": {"karma": 0, "karma_critpath": 0, "text": "-2 should restore the required symbols, thanks to @mtasaka . Some are still missing, but we're *hopeful* that nothing was actually using them in practice. We've reported https://gitlab.gnome.org/GNOME/libxml2/-/issues/433 upstream.", "timestamp": "2022-11-03 17:54:47", "update_id": 455982, "user_id": 302, "id": 2772676, "testcase_feedback": [], "user": {"name": "adamwill", "email": "awilliam@redhat.com", "id": 302, "avatar": "https://seccdn.libravatar.org/avatar/51720fbb2ec5dfd2bc005ac374a3bfd3190cb8f45f3bb8d6bdf35fb6a051d03b?s=24&d=retro", "openid": "adamwill.id.stg.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "provenpackager"}, {"name": "packager"}, {"name": "qa-tools-sig"}, {"name": "fedora-contributor"}, {"name": "news"}, {"name": "gittriage"}, {"name": "sysadmin"}, {"name": "gitspin-kickstarts"}, {"name": "signed_fpca"}, {"name": "gitgeneric-release"}, {"name": "yak_farmers"}, {"name": "triagers"}, {"name": "qa"}, {"name": "sysadmin-qa"}, {"name": "fedorabugs"}, {"name": "ipausers"}, {"name": "gitmkinitrd"}, {"name": "qa-admin"}, {"name": "aws-qa"}, {"name": "change-wranglers"}, {"name": "fedora-ci-admins"}, {"name": "common-issues-triage"}, {"name": "sysadmin-main"}, {"name": "program-management"}, {"name": "gitfedora-project-schedule"}]}}}, {"karma": 0, "comment_id": 2781696, "bug_id": 2136274, "comment": {"karma": 1, "karma_critpath": 0, "text": "This fixes the symbols issue for me. Can we get it pushed to stable?", "timestamp": "2022-11-11 01:19:38", "update_id": 455982, "user_id": 659, "id": 2781696, "testcase_feedback": [], "user": {"name": "dustymabe", "email": "dusty@dustymabe.com", "id": 659, "avatar": "https://seccdn.libravatar.org/avatar/9ec855a28fe61a7fe3d6788882c87ee4c95b38da423234fbb70673a977552c4c?s=24&d=retro", "openid": "dustymabe.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "sysadmin-badges"}, {"name": "aws"}, {"name": "qa-beaker-user"}, {"name": "gitfedora-web"}, {"name": "centosproject-email-aliases"}, {"name": "fi-apprentice"}, {"name": "sysadmin-veteran"}, {"name": "web"}, {"name": "sig-paas"}, {"name": "atomic-wg"}, {"name": "qa"}, {"name": "fedorabugs"}, {"name": "msftazure"}, {"name": "pungi-devel"}, {"name": "qa-automation-shell"}, {"name": "sysadmin-fedimg"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "coreos"}, {"name": "sysadmin"}, {"name": "communishift"}, {"name": "aws-fcos-mgmt"}, {"name": "sysadmin-bodhi"}, {"name": "sysadmin-releng"}, {"name": "sysadmin-coreos"}, {"name": "ipausers"}, {"name": "ibmcloud"}, {"name": "discussion-mods-project"}, {"name": "discussion-mods-ask"}, {"name": "hetznercloud"}, {"name": "coreos-sig"}]}}}, {"karma": 0, "comment_id": 2772145, "bug_id": 2136274, "comment": {"karma": -1, "karma_critpath": 0, "text": "Breaking ABI is not OK without rebuilding all dependent packages (if that's even possible), and shouldn't happen so late in the Fedora 37 cycle anyway.", "timestamp": "2022-11-03 10:25:15", "update_id": 455982, "user_id": 388, "id": 2772145, "testcase_feedback": [], "user": {"name": "decathorpe", "email": "decathorpe@gmail.com", "id": 388, "avatar": "https://seccdn.libravatar.org/avatar/67f4ac6a6b20752d6c2ff1f21b29d10c6fcdd05a35ffccdca789fe670dfc3efb?s=24&d=retro", "openid": "decathorpe.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "rust-sig"}, {"name": "packaging-committee"}, {"name": "libreoffice-sig"}, {"name": "multimedia-sig"}, {"name": "diversity-pride"}, {"name": "pantheon-sig"}]}}}, {"karma": 0, "comment_id": 2772591, "bug_id": 2136274, "comment": {"karma": -1, "karma_critpath": 0, "text": "https://bugzilla.redhat.com/show_bug.cgi?id=2139546", "timestamp": "2022-11-03 16:48:01", "update_id": 456000, "user_id": 659, "id": 2772591, "testcase_feedback": [], "user": {"name": "dustymabe", "email": "dusty@dustymabe.com", "id": 659, "avatar": "https://seccdn.libravatar.org/avatar/9ec855a28fe61a7fe3d6788882c87ee4c95b38da423234fbb70673a977552c4c?s=24&d=retro", "openid": "dustymabe.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "sysadmin-badges"}, {"name": "aws"}, {"name": "qa-beaker-user"}, {"name": "gitfedora-web"}, {"name": "centosproject-email-aliases"}, {"name": "fi-apprentice"}, {"name": "sysadmin-veteran"}, {"name": "web"}, {"name": "sig-paas"}, {"name": "atomic-wg"}, {"name": "qa"}, {"name": "fedorabugs"}, {"name": "msftazure"}, {"name": "pungi-devel"}, {"name": "qa-automation-shell"}, {"name": "sysadmin-fedimg"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "coreos"}, {"name": "sysadmin"}, {"name": "communishift"}, {"name": "aws-fcos-mgmt"}, {"name": "sysadmin-bodhi"}, {"name": "sysadmin-releng"}, {"name": "sysadmin-coreos"}, {"name": "ipausers"}, {"name": "ibmcloud"}, {"name": "discussion-mods-project"}, {"name": "discussion-mods-ask"}, {"name": "hetznercloud"}, {"name": "coreos-sig"}]}}}, {"karma": 0, "comment_id": 2772594, "bug_id": 2136274, "comment": {"karma": -1, "karma_critpath": 0, "text": "https://bugzilla.redhat.com/show_bug.cgi?id=2139546", "timestamp": "2022-11-03 16:48:24", "update_id": 455982, "user_id": 659, "id": 2772594, "testcase_feedback": [], "user": {"name": "dustymabe", "email": "dusty@dustymabe.com", "id": 659, "avatar": "https://seccdn.libravatar.org/avatar/9ec855a28fe61a7fe3d6788882c87ee4c95b38da423234fbb70673a977552c4c?s=24&d=retro", "openid": "dustymabe.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "sysadmin-badges"}, {"name": "aws"}, {"name": "qa-beaker-user"}, {"name": "gitfedora-web"}, {"name": "centosproject-email-aliases"}, {"name": "fi-apprentice"}, {"name": "sysadmin-veteran"}, {"name": "web"}, {"name": "sig-paas"}, {"name": "atomic-wg"}, {"name": "qa"}, {"name": "fedorabugs"}, {"name": "msftazure"}, {"name": "pungi-devel"}, {"name": "qa-automation-shell"}, {"name": "sysadmin-fedimg"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "coreos"}, {"name": "sysadmin"}, {"name": "communishift"}, {"name": "aws-fcos-mgmt"}, {"name": "sysadmin-bodhi"}, {"name": "sysadmin-releng"}, {"name": "sysadmin-coreos"}, {"name": "ipausers"}, {"name": "ibmcloud"}, {"name": "discussion-mods-project"}, {"name": "discussion-mods-ask"}, {"name": "hetznercloud"}, {"name": "coreos-sig"}]}}}, {"karma": 0, "comment_id": 2772634, "bug_id": 2136274, "comment": {"karma": -1, "karma_critpath": 0, "text": "", "timestamp": "2022-11-03 17:01:38", "update_id": 456000, "user_id": 388, "id": 2772634, "testcase_feedback": [], "user": {"name": "decathorpe", "email": "decathorpe@gmail.com", "id": 388, "avatar": "https://seccdn.libravatar.org/avatar/67f4ac6a6b20752d6c2ff1f21b29d10c6fcdd05a35ffccdca789fe670dfc3efb?s=24&d=retro", "openid": "decathorpe.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "rust-sig"}, {"name": "packaging-committee"}, {"name": "libreoffice-sig"}, {"name": "multimedia-sig"}, {"name": "diversity-pride"}, {"name": "pantheon-sig"}]}}}, {"karma": 0, "comment_id": 2772637, "bug_id": 2136274, "comment": {"karma": -1, "karma_critpath": 0, "text": "https://bugzilla.redhat.com/show_bug.cgi?id=2139546\n\nThe 2.10.3 update breaks ABI by removing over 100 symbols.", "timestamp": "2022-11-03 17:03:31", "update_id": 456130, "user_id": 388, "id": 2772637, "testcase_feedback": [], "user": {"name": "decathorpe", "email": "decathorpe@gmail.com", "id": 388, "avatar": "https://seccdn.libravatar.org/avatar/67f4ac6a6b20752d6c2ff1f21b29d10c6fcdd05a35ffccdca789fe670dfc3efb?s=24&d=retro", "openid": "decathorpe.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "rust-sig"}, {"name": "packaging-committee"}, {"name": "libreoffice-sig"}, {"name": "multimedia-sig"}, {"name": "diversity-pride"}, {"name": "pantheon-sig"}]}}}, {"karma": 0, "comment_id": 2781922, "bug_id": 2136274, "comment": {"karma": 1, "karma_critpath": 0, "text": "Looks good.", "timestamp": "2022-11-11 11:02:56", "update_id": 455982, "user_id": 152, "id": 2781922, "testcase_feedback": [], "user": {"name": "mtasaka", "email": "mtasaka@tbz.t-com.ne.jp", "id": 152, "avatar": "https://seccdn.libravatar.org/avatar/0b585d87cae65e5ce025d249461c68ab04d93872aef70244747284152ccda5d5?s=24&d=retro", "openid": "mtasaka.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}]}, {"bug_id": 2136293, "title": "CVE-2022-40304 libxml2: dict corruption caused by entity reference cycles [fedora-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 2759847, "bug_id": 2136293, "comment": {"karma": -1, "karma_critpath": 0, "text": "Can confirm that `dnf downgrade libxml2` fixes openconnect.", "timestamp": "2022-10-22 17:20:23", "update_id": 455982, "user_id": 7333, "id": 2759847, "testcase_feedback": [], "user": {"name": "arkadiuszn", "email": "niemiec.arkadiusz@gmail.com", "id": 7333, "avatar": "https://seccdn.libravatar.org/avatar/a96cb5ca81fa2a2579cb9fe5e58fba8c7ec4d8b287ec49bea2c7761e83834d14?s=24&d=retro", "openid": "arkadiuszn.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}]}}}, {"karma": 0, "comment_id": 2761891, "bug_id": 2136293, "comment": {"karma": -1, "karma_critpath": 0, "text": "It breaks openconnect, see https://bugzilla.redhat.com/show_bug.cgi?id=2136800.\nEither the FTP support needs to be enabled to keep the symbols, or xmlsec1 (at least) need to be rebuilt.", "timestamp": "2022-10-24 09:02:30", "update_id": 456000, "user_id": 2132, "id": 2761891, "testcase_feedback": [], "user": {"name": "hwti", "email": "loic.yhuel@gmail.com", "id": 2132, "avatar": "https://seccdn.libravatar.org/avatar/ed85719acc27c4c2c948b93ed76351b57471d7a4349b58f751d002793380b9a2?s=24&d=retro", "openid": "hwti.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}]}}}, {"karma": 0, "comment_id": 2762222, "bug_id": 2136293, "comment": {"karma": 0, "karma_critpath": 0, "text": "Fixed openconnect bug here :-)", "timestamp": "2022-10-24 13:16:15", "update_id": 455982, "user_id": 1290, "id": 2762222, "testcase_feedback": [], "user": {"name": "kimbisgaard", "email": "kim-rh@roedderne.dk", "id": 1290, "avatar": "https://seccdn.libravatar.org/avatar/14a395dd3ff57d3eb710fc38724e424a595ae829174a152643ec6573ed1abd6c?s=24&d=retro", "openid": "kimbisgaard.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 2762668, "bug_id": 2136293, "comment": {"karma": 1, "karma_critpath": 0, "text": "openconnect now works fine with the rebuilt xmlsec1", "timestamp": "2022-10-24 18:35:39", "update_id": 456000, "user_id": 2132, "id": 2762668, "testcase_feedback": [], "user": {"name": "hwti", "email": "loic.yhuel@gmail.com", "id": 2132, "avatar": "https://seccdn.libravatar.org/avatar/ed85719acc27c4c2c948b93ed76351b57471d7a4349b58f751d002793380b9a2?s=24&d=retro", "openid": "hwti.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}]}}}, {"karma": 0, "comment_id": 2763229, "bug_id": 2136293, "comment": {"karma": 1, "karma_critpath": 0, "text": "Can confirm, thank you :)", "timestamp": "2022-10-25 12:44:45", "update_id": 455982, "user_id": 7333, "id": 2763229, "testcase_feedback": [], "user": {"name": "arkadiuszn", "email": "niemiec.arkadiusz@gmail.com", "id": 7333, "avatar": "https://seccdn.libravatar.org/avatar/a96cb5ca81fa2a2579cb9fe5e58fba8c7ec4d8b287ec49bea2c7761e83834d14?s=24&d=retro", "openid": "arkadiuszn.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}]}}}, {"karma": 0, "comment_id": 2763591, "bug_id": 2136293, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2022-10-25 15:50:10", "update_id": 455982, "user_id": 240, "id": 2763591, "testcase_feedback": [], "user": {"name": "ellert", "email": "mattias.ellert@physics.uu.se", "id": 240, "avatar": "https://seccdn.libravatar.org/avatar/01757ac6220c7c80daecba48378c2721a35cf00771becbb512a1ec0b1043f5ea?s=24&d=retro", "openid": "ellert.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "r-maint-sig"}]}}}, {"karma": 0, "comment_id": 2768252, "bug_id": 2136293, "comment": {"karma": 0, "karma_critpath": 0, "text": "Note that GraphicsMagick (and users) suffers from a similar problem like xmlsec did: bz#2138022", "timestamp": "2022-10-30 21:31:12", "update_id": 456000, "user_id": 1187, "id": 2768252, "testcase_feedback": [], "user": {"name": "mjg", "email": "michaeljgruber+fedoraproject@gmail.com", "id": 1187, "avatar": "https://seccdn.libravatar.org/avatar/7fd198f2b9576f3342c1a6fe4e4aff7cb5998c4538563d86c03cd49c088f8822?s=24&d=retro", "openid": "mjg.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "triagers"}]}}}, {"karma": 0, "comment_id": 2772639, "bug_id": 2136293, "comment": {"karma": 0, "karma_critpath": 0, "text": "Unfortunately, this went to stable already....", "timestamp": "2022-11-03 17:05:21", "update_id": 456000, "user_id": 152, "id": 2772639, "testcase_feedback": [], "user": {"name": "mtasaka", "email": "mtasaka@tbz.t-com.ne.jp", "id": 152, "avatar": "https://seccdn.libravatar.org/avatar/0b585d87cae65e5ce025d249461c68ab04d93872aef70244747284152ccda5d5?s=24&d=retro", "openid": "mtasaka.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 0, "comment_id": 2759841, "bug_id": 2136293, "comment": {"karma": 0, "karma_critpath": 0, "text": "This breaks the openconnect:\n$ openconnect --help\nopenconnect: symbol lookup error: /lib64/libxmlsec1.so.1: undefined symbol: xmlIOFTPRead, version LIBXML2_2.4.30\nSimilar issue to arch:\nhttps://bugs.archlinux.org/task/75721", "timestamp": "2022-10-22 16:31:40", "update_id": 455982, "user_id": 7333, "id": 2759841, "testcase_feedback": [], "user": {"name": "arkadiuszn", "email": "niemiec.arkadiusz@gmail.com", "id": 7333, "avatar": "https://seccdn.libravatar.org/avatar/a96cb5ca81fa2a2579cb9fe5e58fba8c7ec4d8b287ec49bea2c7761e83834d14?s=24&d=retro", "openid": "arkadiuszn.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}]}}}, {"karma": 0, "comment_id": 2769960, "bug_id": 2136293, "comment": {"karma": -1, "karma_critpath": 0, "text": "For now putting negative karma, ImageMagick is also broken at least. \n\nAnd many other symbols (other than ftp related) are also removed from libxml2, so I am not confident about all affected packages.", "timestamp": "2022-11-01 15:34:29", "update_id": 455982, "user_id": 152, "id": 2769960, "testcase_feedback": [], "user": {"name": "mtasaka", "email": "mtasaka@tbz.t-com.ne.jp", "id": 152, "avatar": "https://seccdn.libravatar.org/avatar/0b585d87cae65e5ce025d249461c68ab04d93872aef70244747284152ccda5d5?s=24&d=retro", "openid": "mtasaka.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 0, "comment_id": 2772676, "bug_id": 2136293, "comment": {"karma": 0, "karma_critpath": 0, "text": "-2 should restore the required symbols, thanks to @mtasaka . Some are still missing, but we're *hopeful* that nothing was actually using them in practice. We've reported https://gitlab.gnome.org/GNOME/libxml2/-/issues/433 upstream.", "timestamp": "2022-11-03 17:54:47", "update_id": 455982, "user_id": 302, "id": 2772676, "testcase_feedback": [], "user": {"name": "adamwill", "email": "awilliam@redhat.com", "id": 302, "avatar": "https://seccdn.libravatar.org/avatar/51720fbb2ec5dfd2bc005ac374a3bfd3190cb8f45f3bb8d6bdf35fb6a051d03b?s=24&d=retro", "openid": "adamwill.id.stg.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "provenpackager"}, {"name": "packager"}, {"name": "qa-tools-sig"}, {"name": "fedora-contributor"}, {"name": "news"}, {"name": "gittriage"}, {"name": "sysadmin"}, {"name": "gitspin-kickstarts"}, {"name": "signed_fpca"}, {"name": "gitgeneric-release"}, {"name": "yak_farmers"}, {"name": "triagers"}, {"name": "qa"}, {"name": "sysadmin-qa"}, {"name": "fedorabugs"}, {"name": "ipausers"}, {"name": "gitmkinitrd"}, {"name": "qa-admin"}, {"name": "aws-qa"}, {"name": "change-wranglers"}, {"name": "fedora-ci-admins"}, {"name": "common-issues-triage"}, {"name": "sysadmin-main"}, {"name": "program-management"}, {"name": "gitfedora-project-schedule"}]}}}, {"karma": 0, "comment_id": 2781696, "bug_id": 2136293, "comment": {"karma": 1, "karma_critpath": 0, "text": "This fixes the symbols issue for me. Can we get it pushed to stable?", "timestamp": "2022-11-11 01:19:38", "update_id": 455982, "user_id": 659, "id": 2781696, "testcase_feedback": [], "user": {"name": "dustymabe", "email": "dusty@dustymabe.com", "id": 659, "avatar": "https://seccdn.libravatar.org/avatar/9ec855a28fe61a7fe3d6788882c87ee4c95b38da423234fbb70673a977552c4c?s=24&d=retro", "openid": "dustymabe.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "sysadmin-badges"}, {"name": "aws"}, {"name": "qa-beaker-user"}, {"name": "gitfedora-web"}, {"name": "centosproject-email-aliases"}, {"name": "fi-apprentice"}, {"name": "sysadmin-veteran"}, {"name": "web"}, {"name": "sig-paas"}, {"name": "atomic-wg"}, {"name": "qa"}, {"name": "fedorabugs"}, {"name": "msftazure"}, {"name": "pungi-devel"}, {"name": "qa-automation-shell"}, {"name": "sysadmin-fedimg"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "coreos"}, {"name": "sysadmin"}, {"name": "communishift"}, {"name": "aws-fcos-mgmt"}, {"name": "sysadmin-bodhi"}, {"name": "sysadmin-releng"}, {"name": "sysadmin-coreos"}, {"name": "ipausers"}, {"name": "ibmcloud"}, {"name": "discussion-mods-project"}, {"name": "discussion-mods-ask"}, {"name": "hetznercloud"}, {"name": "coreos-sig"}]}}}, {"karma": 0, "comment_id": 2772145, "bug_id": 2136293, "comment": {"karma": -1, "karma_critpath": 0, "text": "Breaking ABI is not OK without rebuilding all dependent packages (if that's even possible), and shouldn't happen so late in the Fedora 37 cycle anyway.", "timestamp": "2022-11-03 10:25:15", "update_id": 455982, "user_id": 388, "id": 2772145, "testcase_feedback": [], "user": {"name": "decathorpe", "email": "decathorpe@gmail.com", "id": 388, "avatar": "https://seccdn.libravatar.org/avatar/67f4ac6a6b20752d6c2ff1f21b29d10c6fcdd05a35ffccdca789fe670dfc3efb?s=24&d=retro", "openid": "decathorpe.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "rust-sig"}, {"name": "packaging-committee"}, {"name": "libreoffice-sig"}, {"name": "multimedia-sig"}, {"name": "diversity-pride"}, {"name": "pantheon-sig"}]}}}, {"karma": 0, "comment_id": 2772591, "bug_id": 2136293, "comment": {"karma": -1, "karma_critpath": 0, "text": "https://bugzilla.redhat.com/show_bug.cgi?id=2139546", "timestamp": "2022-11-03 16:48:01", "update_id": 456000, "user_id": 659, "id": 2772591, "testcase_feedback": [], "user": {"name": "dustymabe", "email": "dusty@dustymabe.com", "id": 659, "avatar": "https://seccdn.libravatar.org/avatar/9ec855a28fe61a7fe3d6788882c87ee4c95b38da423234fbb70673a977552c4c?s=24&d=retro", "openid": "dustymabe.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "sysadmin-badges"}, {"name": "aws"}, {"name": "qa-beaker-user"}, {"name": "gitfedora-web"}, {"name": "centosproject-email-aliases"}, {"name": "fi-apprentice"}, {"name": "sysadmin-veteran"}, {"name": "web"}, {"name": "sig-paas"}, {"name": "atomic-wg"}, {"name": "qa"}, {"name": "fedorabugs"}, {"name": "msftazure"}, {"name": "pungi-devel"}, {"name": "qa-automation-shell"}, {"name": "sysadmin-fedimg"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "coreos"}, {"name": "sysadmin"}, {"name": "communishift"}, {"name": "aws-fcos-mgmt"}, {"name": "sysadmin-bodhi"}, {"name": "sysadmin-releng"}, {"name": "sysadmin-coreos"}, {"name": "ipausers"}, {"name": "ibmcloud"}, {"name": "discussion-mods-project"}, {"name": "discussion-mods-ask"}, {"name": "hetznercloud"}, {"name": "coreos-sig"}]}}}, {"karma": 0, "comment_id": 2772594, "bug_id": 2136293, "comment": {"karma": -1, "karma_critpath": 0, "text": "https://bugzilla.redhat.com/show_bug.cgi?id=2139546", "timestamp": "2022-11-03 16:48:24", "update_id": 455982, "user_id": 659, "id": 2772594, "testcase_feedback": [], "user": {"name": "dustymabe", "email": "dusty@dustymabe.com", "id": 659, "avatar": "https://seccdn.libravatar.org/avatar/9ec855a28fe61a7fe3d6788882c87ee4c95b38da423234fbb70673a977552c4c?s=24&d=retro", "openid": "dustymabe.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "sysadmin-badges"}, {"name": "aws"}, {"name": "qa-beaker-user"}, {"name": "gitfedora-web"}, {"name": "centosproject-email-aliases"}, {"name": "fi-apprentice"}, {"name": "sysadmin-veteran"}, {"name": "web"}, {"name": "sig-paas"}, {"name": "atomic-wg"}, {"name": "qa"}, {"name": "fedorabugs"}, {"name": "msftazure"}, {"name": "pungi-devel"}, {"name": "qa-automation-shell"}, {"name": "sysadmin-fedimg"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "coreos"}, {"name": "sysadmin"}, {"name": "communishift"}, {"name": "aws-fcos-mgmt"}, {"name": "sysadmin-bodhi"}, {"name": "sysadmin-releng"}, {"name": "sysadmin-coreos"}, {"name": "ipausers"}, {"name": "ibmcloud"}, {"name": "discussion-mods-project"}, {"name": "discussion-mods-ask"}, {"name": "hetznercloud"}, {"name": "coreos-sig"}]}}}, {"karma": 0, "comment_id": 2772634, "bug_id": 2136293, "comment": {"karma": -1, "karma_critpath": 0, "text": "", "timestamp": "2022-11-03 17:01:38", "update_id": 456000, "user_id": 388, "id": 2772634, "testcase_feedback": [], "user": {"name": "decathorpe", "email": "decathorpe@gmail.com", "id": 388, "avatar": "https://seccdn.libravatar.org/avatar/67f4ac6a6b20752d6c2ff1f21b29d10c6fcdd05a35ffccdca789fe670dfc3efb?s=24&d=retro", "openid": "decathorpe.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "rust-sig"}, {"name": "packaging-committee"}, {"name": "libreoffice-sig"}, {"name": "multimedia-sig"}, {"name": "diversity-pride"}, {"name": "pantheon-sig"}]}}}, {"karma": 0, "comment_id": 2772637, "bug_id": 2136293, "comment": {"karma": -1, "karma_critpath": 0, "text": "https://bugzilla.redhat.com/show_bug.cgi?id=2139546\n\nThe 2.10.3 update breaks ABI by removing over 100 symbols.", "timestamp": "2022-11-03 17:03:31", "update_id": 456130, "user_id": 388, "id": 2772637, "testcase_feedback": [], "user": {"name": "decathorpe", "email": "decathorpe@gmail.com", "id": 388, "avatar": "https://seccdn.libravatar.org/avatar/67f4ac6a6b20752d6c2ff1f21b29d10c6fcdd05a35ffccdca789fe670dfc3efb?s=24&d=retro", "openid": "decathorpe.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "rust-sig"}, {"name": "packaging-committee"}, {"name": "libreoffice-sig"}, {"name": "multimedia-sig"}, {"name": "diversity-pride"}, {"name": "pantheon-sig"}]}}}, {"karma": 0, "comment_id": 2781922, "bug_id": 2136293, "comment": {"karma": 1, "karma_critpath": 0, "text": "Looks good.", "timestamp": "2022-11-11 11:02:56", "update_id": 455982, "user_id": 152, "id": 2781922, "testcase_feedback": [], "user": {"name": "mtasaka", "email": "mtasaka@tbz.t-com.ne.jp", "id": 152, "avatar": "https://seccdn.libravatar.org/avatar/0b585d87cae65e5ce025d249461c68ab04d93872aef70244747284152ccda5d5?s=24&d=retro", "openid": "mtasaka.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}]}, {"bug_id": 2136800, "title": "openconnect fails due to missing symbol xmlIOFTPRead", "security": false, "parent": false, "feedback": [{"karma": 1, "comment_id": 2762222, "bug_id": 2136800, "comment": {"karma": 0, "karma_critpath": 0, "text": "Fixed openconnect bug here :-)", "timestamp": "2022-10-24 13:16:15", "update_id": 455982, "user_id": 1290, "id": 2762222, "testcase_feedback": [], "user": {"name": "kimbisgaard", "email": "kim-rh@roedderne.dk", "id": 1290, "avatar": "https://seccdn.libravatar.org/avatar/14a395dd3ff57d3eb710fc38724e424a595ae829174a152643ec6573ed1abd6c?s=24&d=retro", "openid": "kimbisgaard.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 1, "comment_id": 2762668, "bug_id": 2136800, "comment": {"karma": 1, "karma_critpath": 0, "text": "openconnect now works fine with the rebuilt xmlsec1", "timestamp": "2022-10-24 18:35:39", "update_id": 456000, "user_id": 2132, "id": 2762668, "testcase_feedback": [], "user": {"name": "hwti", "email": "loic.yhuel@gmail.com", "id": 2132, "avatar": "https://seccdn.libravatar.org/avatar/ed85719acc27c4c2c948b93ed76351b57471d7a4349b58f751d002793380b9a2?s=24&d=retro", "openid": "hwti.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}]}}}, {"karma": 0, "comment_id": 2763229, "bug_id": 2136800, "comment": {"karma": 1, "karma_critpath": 0, "text": "Can confirm, thank you :)", "timestamp": "2022-10-25 12:44:45", "update_id": 455982, "user_id": 7333, "id": 2763229, "testcase_feedback": [], "user": {"name": "arkadiuszn", "email": "niemiec.arkadiusz@gmail.com", "id": 7333, "avatar": "https://seccdn.libravatar.org/avatar/a96cb5ca81fa2a2579cb9fe5e58fba8c7ec4d8b287ec49bea2c7761e83834d14?s=24&d=retro", "openid": "arkadiuszn.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}]}}}, {"karma": 1, "comment_id": 2763591, "bug_id": 2136800, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2022-10-25 15:50:10", "update_id": 455982, "user_id": 240, "id": 2763591, "testcase_feedback": [], "user": {"name": "ellert", "email": "mattias.ellert@physics.uu.se", "id": 240, "avatar": "https://seccdn.libravatar.org/avatar/01757ac6220c7c80daecba48378c2721a35cf00771becbb512a1ec0b1043f5ea?s=24&d=retro", "openid": "ellert.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "r-maint-sig"}]}}}, {"karma": 0, "comment_id": 2768252, "bug_id": 2136800, "comment": {"karma": 0, "karma_critpath": 0, "text": "Note that GraphicsMagick (and users) suffers from a similar problem like xmlsec did: bz#2138022", "timestamp": "2022-10-30 21:31:12", "update_id": 456000, "user_id": 1187, "id": 2768252, "testcase_feedback": [], "user": {"name": "mjg", "email": "michaeljgruber+fedoraproject@gmail.com", "id": 1187, "avatar": "https://seccdn.libravatar.org/avatar/7fd198f2b9576f3342c1a6fe4e4aff7cb5998c4538563d86c03cd49c088f8822?s=24&d=retro", "openid": "mjg.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "triagers"}]}}}, {"karma": 0, "comment_id": 2772639, "bug_id": 2136800, "comment": {"karma": 0, "karma_critpath": 0, "text": "Unfortunately, this went to stable already....", "timestamp": "2022-11-03 17:05:21", "update_id": 456000, "user_id": 152, "id": 2772639, "testcase_feedback": [], "user": {"name": "mtasaka", "email": "mtasaka@tbz.t-com.ne.jp", "id": 152, "avatar": "https://seccdn.libravatar.org/avatar/0b585d87cae65e5ce025d249461c68ab04d93872aef70244747284152ccda5d5?s=24&d=retro", "openid": "mtasaka.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 0, "comment_id": 2769960, "bug_id": 2136800, "comment": {"karma": -1, "karma_critpath": 0, "text": "For now putting negative karma, ImageMagick is also broken at least. \n\nAnd many other symbols (other than ftp related) are also removed from libxml2, so I am not confident about all affected packages.", "timestamp": "2022-11-01 15:34:29", "update_id": 455982, "user_id": 152, "id": 2769960, "testcase_feedback": [], "user": {"name": "mtasaka", "email": "mtasaka@tbz.t-com.ne.jp", "id": 152, "avatar": "https://seccdn.libravatar.org/avatar/0b585d87cae65e5ce025d249461c68ab04d93872aef70244747284152ccda5d5?s=24&d=retro", "openid": "mtasaka.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 0, "comment_id": 2772676, "bug_id": 2136800, "comment": {"karma": 0, "karma_critpath": 0, "text": "-2 should restore the required symbols, thanks to @mtasaka . Some are still missing, but we're *hopeful* that nothing was actually using them in practice. We've reported https://gitlab.gnome.org/GNOME/libxml2/-/issues/433 upstream.", "timestamp": "2022-11-03 17:54:47", "update_id": 455982, "user_id": 302, "id": 2772676, "testcase_feedback": [], "user": {"name": "adamwill", "email": "awilliam@redhat.com", "id": 302, "avatar": "https://seccdn.libravatar.org/avatar/51720fbb2ec5dfd2bc005ac374a3bfd3190cb8f45f3bb8d6bdf35fb6a051d03b?s=24&d=retro", "openid": "adamwill.id.stg.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "provenpackager"}, {"name": "packager"}, {"name": "qa-tools-sig"}, {"name": "fedora-contributor"}, {"name": "news"}, {"name": "gittriage"}, {"name": "sysadmin"}, {"name": "gitspin-kickstarts"}, {"name": "signed_fpca"}, {"name": "gitgeneric-release"}, {"name": "yak_farmers"}, {"name": "triagers"}, {"name": "qa"}, {"name": "sysadmin-qa"}, {"name": "fedorabugs"}, {"name": "ipausers"}, {"name": "gitmkinitrd"}, {"name": "qa-admin"}, {"name": "aws-qa"}, {"name": "change-wranglers"}, {"name": "fedora-ci-admins"}, {"name": "common-issues-triage"}, {"name": "sysadmin-main"}, {"name": "program-management"}, {"name": "gitfedora-project-schedule"}]}}}, {"karma": 0, "comment_id": 2781696, "bug_id": 2136800, "comment": {"karma": 1, "karma_critpath": 0, "text": "This fixes the symbols issue for me. Can we get it pushed to stable?", "timestamp": "2022-11-11 01:19:38", "update_id": 455982, "user_id": 659, "id": 2781696, "testcase_feedback": [], "user": {"name": "dustymabe", "email": "dusty@dustymabe.com", "id": 659, "avatar": "https://seccdn.libravatar.org/avatar/9ec855a28fe61a7fe3d6788882c87ee4c95b38da423234fbb70673a977552c4c?s=24&d=retro", "openid": "dustymabe.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "sysadmin-badges"}, {"name": "aws"}, {"name": "qa-beaker-user"}, {"name": "gitfedora-web"}, {"name": "centosproject-email-aliases"}, {"name": "fi-apprentice"}, {"name": "sysadmin-veteran"}, {"name": "web"}, {"name": "sig-paas"}, {"name": "atomic-wg"}, {"name": "qa"}, {"name": "fedorabugs"}, {"name": "msftazure"}, {"name": "pungi-devel"}, {"name": "qa-automation-shell"}, {"name": "sysadmin-fedimg"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "coreos"}, {"name": "sysadmin"}, {"name": "communishift"}, {"name": "aws-fcos-mgmt"}, {"name": "sysadmin-bodhi"}, {"name": "sysadmin-releng"}, {"name": "sysadmin-coreos"}, {"name": "ipausers"}, {"name": "ibmcloud"}, {"name": "discussion-mods-project"}, {"name": "discussion-mods-ask"}, {"name": "hetznercloud"}, {"name": "coreos-sig"}]}}}, {"karma": 0, "comment_id": 2772145, "bug_id": 2136800, "comment": {"karma": -1, "karma_critpath": 0, "text": "Breaking ABI is not OK without rebuilding all dependent packages (if that's even possible), and shouldn't happen so late in the Fedora 37 cycle anyway.", "timestamp": "2022-11-03 10:25:15", "update_id": 455982, "user_id": 388, "id": 2772145, "testcase_feedback": [], "user": {"name": "decathorpe", "email": "decathorpe@gmail.com", "id": 388, "avatar": "https://seccdn.libravatar.org/avatar/67f4ac6a6b20752d6c2ff1f21b29d10c6fcdd05a35ffccdca789fe670dfc3efb?s=24&d=retro", "openid": "decathorpe.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "rust-sig"}, {"name": "packaging-committee"}, {"name": "libreoffice-sig"}, {"name": "multimedia-sig"}, {"name": "diversity-pride"}, {"name": "pantheon-sig"}]}}}, {"karma": 0, "comment_id": 2772591, "bug_id": 2136800, "comment": {"karma": -1, "karma_critpath": 0, "text": "https://bugzilla.redhat.com/show_bug.cgi?id=2139546", "timestamp": "2022-11-03 16:48:01", "update_id": 456000, "user_id": 659, "id": 2772591, "testcase_feedback": [], "user": {"name": "dustymabe", "email": "dusty@dustymabe.com", "id": 659, "avatar": "https://seccdn.libravatar.org/avatar/9ec855a28fe61a7fe3d6788882c87ee4c95b38da423234fbb70673a977552c4c?s=24&d=retro", "openid": "dustymabe.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "sysadmin-badges"}, {"name": "aws"}, {"name": "qa-beaker-user"}, {"name": "gitfedora-web"}, {"name": "centosproject-email-aliases"}, {"name": "fi-apprentice"}, {"name": "sysadmin-veteran"}, {"name": "web"}, {"name": "sig-paas"}, {"name": "atomic-wg"}, {"name": "qa"}, {"name": "fedorabugs"}, {"name": "msftazure"}, {"name": "pungi-devel"}, {"name": "qa-automation-shell"}, {"name": "sysadmin-fedimg"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "coreos"}, {"name": "sysadmin"}, {"name": "communishift"}, {"name": "aws-fcos-mgmt"}, {"name": "sysadmin-bodhi"}, {"name": "sysadmin-releng"}, {"name": "sysadmin-coreos"}, {"name": "ipausers"}, {"name": "ibmcloud"}, {"name": "discussion-mods-project"}, {"name": "discussion-mods-ask"}, {"name": "hetznercloud"}, {"name": "coreos-sig"}]}}}, {"karma": 0, "comment_id": 2772594, "bug_id": 2136800, "comment": {"karma": -1, "karma_critpath": 0, "text": "https://bugzilla.redhat.com/show_bug.cgi?id=2139546", "timestamp": "2022-11-03 16:48:24", "update_id": 455982, "user_id": 659, "id": 2772594, "testcase_feedback": [], "user": {"name": "dustymabe", "email": "dusty@dustymabe.com", "id": 659, "avatar": "https://seccdn.libravatar.org/avatar/9ec855a28fe61a7fe3d6788882c87ee4c95b38da423234fbb70673a977552c4c?s=24&d=retro", "openid": "dustymabe.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "sysadmin-badges"}, {"name": "aws"}, {"name": "qa-beaker-user"}, {"name": "gitfedora-web"}, {"name": "centosproject-email-aliases"}, {"name": "fi-apprentice"}, {"name": "sysadmin-veteran"}, {"name": "web"}, {"name": "sig-paas"}, {"name": "atomic-wg"}, {"name": "qa"}, {"name": "fedorabugs"}, {"name": "msftazure"}, {"name": "pungi-devel"}, {"name": "qa-automation-shell"}, {"name": "sysadmin-fedimg"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "coreos"}, {"name": "sysadmin"}, {"name": "communishift"}, {"name": "aws-fcos-mgmt"}, {"name": "sysadmin-bodhi"}, {"name": "sysadmin-releng"}, {"name": "sysadmin-coreos"}, {"name": "ipausers"}, {"name": "ibmcloud"}, {"name": "discussion-mods-project"}, {"name": "discussion-mods-ask"}, {"name": "hetznercloud"}, {"name": "coreos-sig"}]}}}, {"karma": 0, "comment_id": 2772634, "bug_id": 2136800, "comment": {"karma": -1, "karma_critpath": 0, "text": "", "timestamp": "2022-11-03 17:01:38", "update_id": 456000, "user_id": 388, "id": 2772634, "testcase_feedback": [], "user": {"name": "decathorpe", "email": "decathorpe@gmail.com", "id": 388, "avatar": "https://seccdn.libravatar.org/avatar/67f4ac6a6b20752d6c2ff1f21b29d10c6fcdd05a35ffccdca789fe670dfc3efb?s=24&d=retro", "openid": "decathorpe.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "rust-sig"}, {"name": "packaging-committee"}, {"name": "libreoffice-sig"}, {"name": "multimedia-sig"}, {"name": "diversity-pride"}, {"name": "pantheon-sig"}]}}}, {"karma": 0, "comment_id": 2772637, "bug_id": 2136800, "comment": {"karma": -1, "karma_critpath": 0, "text": "https://bugzilla.redhat.com/show_bug.cgi?id=2139546\n\nThe 2.10.3 update breaks ABI by removing over 100 symbols.", "timestamp": "2022-11-03 17:03:31", "update_id": 456130, "user_id": 388, "id": 2772637, "testcase_feedback": [], "user": {"name": "decathorpe", "email": "decathorpe@gmail.com", "id": 388, "avatar": "https://seccdn.libravatar.org/avatar/67f4ac6a6b20752d6c2ff1f21b29d10c6fcdd05a35ffccdca789fe670dfc3efb?s=24&d=retro", "openid": "decathorpe.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "rust-sig"}, {"name": "packaging-committee"}, {"name": "libreoffice-sig"}, {"name": "multimedia-sig"}, {"name": "diversity-pride"}, {"name": "pantheon-sig"}]}}}, {"karma": 1, "comment_id": 2781922, "bug_id": 2136800, "comment": {"karma": 1, "karma_critpath": 0, "text": "Looks good.", "timestamp": "2022-11-11 11:02:56", "update_id": 455982, "user_id": 152, "id": 2781922, "testcase_feedback": [], "user": {"name": "mtasaka", "email": "mtasaka@tbz.t-com.ne.jp", "id": 152, "avatar": "https://seccdn.libravatar.org/avatar/0b585d87cae65e5ce025d249461c68ab04d93872aef70244747284152ccda5d5?s=24&d=retro", "openid": "mtasaka.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}]}], "updateid": "FEDORA-2022-fcf5dbb447", "karma": 1, "content_type": "rpm", "test_cases": []}, "can_edit": false, "ci_allowed": false}