Security issue: Can't build mediawiki - F7 thinks it's F8
Mike Bonnet
mikeb at redhat.com
Mon Aug 6 14:39:08 UTC 2007
On Mon, 2007-08-06 at 15:00 +0200, Axel Thimm wrote:
> On Mon, Aug 06, 2007 at 07:51:00AM -0500, Dennis Gilmore wrote:
> > Once upon a time Monday 06 August 2007, Jesse Keating wrote:
> > > On Mon, 6 Aug 2007 14:18:36 +0200
> > >
> > > Axel Thimm <Axel.Thimm at ATrpms.net> wrote:
> > > > Typo?
> > >
> > > Not exactly. Expression mismatch. The tag was /applied/ on the devel/
> > > branch, so when cvs is asked for that tag, it tries to pull it from
> > > devel/ and bad things happen.
> > >
> > > > > in devel, koji gets a little confused when making the srpm for you.
> > > > > You'll most likely need to bump/tag on F-7 then you can build and it
> > > > > will get the proper .fc7 tag to it.
> > > >
> > > > Hm, this sounds more like a bug that should be fixed in koji. Wouldn't
> > > > that apply to any kind of branching CVS, e.g. koji inherits bad tags
> > > > to branches? This bug only surfaces if the tagsing and building is
> > > > intermitted by the branch, but consider adding new archs to Fedora, it
> > > > will hit all packages (as the build for the new arch will be after the
> > > > branching, unless new archs are limited to devel).
> > >
> > > I'm not entirely sure how this is going to be handled. It probably
> > > does need looking into, something deep in the cvs "branching" scripts
> > > we use. My cvs-fu isn't nearly that strong :(
> >
> > probably need to call make tag after creating the branch.
>
> The problem was that make tag has been created before the branch, but
> the make build afterwards. It is also not possible to rerun make tag.
The problem here is actually that the tag created on devel/ didn't
include a "branch" file (that file doesn't get created until the
branch-creation scripts are run). In the absence of a "branch" file,
Makefile.common assumes you're on devel/ and expands the %dist tag to
the values defined for devel in common/branches (currently .fc8).
Basically, tagging before the branch point and building after it is not
supported. After the branch point, any builds need to bump the revision
and run "make tag" before they can build.
More information about the Fedora-buildsys-list
mailing list