{{{
Hi Folks!

Got this while trying to build kronolith for rawhide:

674705 build (dist-f10, devel:kronolith-2_2-1_fc10): open
(x86-3.fedora.phx.redhat.com) -> FAILED: BuildError: package kronolith
is blocked for tag dist-f10

From what I can understand, kronolith was blocked from F9/rawhide due
to a non-responsive maintainer and a security bug.

It was since orphaned, and adopted by me, with Jason Tibbs as a
co-maintainer.

The bugs in question are:

CVE-2008-1974: XSS - Reported 28-Apr-2008
- https://bugzilla.redhat.com/show_bug.cgi?id=444400 (Tracker)
- https://bugzilla.redhat.com/show_bug.cgi?id=444405 (F9/Rawhide -
CLOSED WONTFIX)
- There was a proposed update during freeze (that did work) but package
was removed/blocked

CVE-2008-2783: XSS - Reported 20-Jun-2008
- https://bugzilla.redhat.com/show_bug.cgi?id=452209
- My new update doesn't seem to be vulnerable (nor does the intended
update to fix CVE-2008-1974)

My desired outcome would be for kronolith to be unblocked.

Regards,

Nigel Jones
}}}