#2240 Please tag new deltarpm
Closed: Fixed. Opened 14 years ago by toshio.

There's a security vulnerability in deltarpm due to its bundling of zlib. A new version of deltarpm has been built without the included zlib. Here's the bugzilla for the relevant zlib update:
https://bugzilla.redhat.com/show_bug.cgi?id=163038
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1849

Please tag for F12 release:

deltarpm-3.5-0.2.20090913git.fc12

http://koji.fedoraproject.org/koji/taskinfo?taskID=1720522

practically a no-brainer, but gotta ask, any testing of the new build?

No problems. I was putting this in so I don't forget while waiting for jdieter to be available. I don't have enough of an idea of what's involved here to test this fully.

jdieter, after the response from Michael Schroeder, I updated the package. Try this version out when you test; it should avoid some problems with the first build:
http://koji.fedoraproject.org/koji/taskinfo?taskID=1721649

deltarpm-3.5-0.4.20090913git.fc12.src.rpm

I've tested makedeltarpm between Fedora rpms compressed with zlib and one zlib <=> xz package. Couldn't find a zlib_rsync package to test.

Tested applydeltarpm and applydeltarpm -r on those rpms successfully.

I've tested deltarpm-3.5-0.4.20090913git.fc12 and it works perfectly under yum-presto, which is obviously the main usage case. If Fedora isn't compressing its gzip rpms using zlib_rsync, I'm not hugely worried about that usage case (obviously, we want it to either work or bail out nicely, but fixing the security hole is far more important).

As far as I have seen, I'm happy with tagging http://koji.fedoraproject.org/koji/taskinfo?taskID=1721649

Metadata Update from @toshio:
- Issue set to the milestone: Fedora 12 Beta

7 years ago

