From mraaz at redhat.com Wed Jan 10 00:44:36 2018 From: mraaz at redhat.com (Marc Raaz) Date: Wed, 10 Jan 2018 10:44:36 +1000 Subject: [zanata-users] SySops patching against the Meltdown vulnerability 12-13th Jan 2018 Message-ID: Hi all This weekend SysOps will be patching our internal systems against the Meltdown vulnerability. At this time, patches are only available for RHEL kernel and Red Hat OpenStack. Unfortunately, in order to fully mitigate both Spectre and Meltdown, SysOps will need to do multiple rounds of updates requiring several outages over the next coming weeks. This weekend?s maintenance will be the first round of updates to patch for the Meltdown vulnerability. We will utilize the previously advertised /mnt/redhat outage window for this work: 8:00 AM US EST (13:00 UTC) Friday January 12 to 8:00 AM US EST (13:00 UTC) Saturday January 13. As mentioned in the official documentation [1], [2], these patches may impact performance. We will be applying known fixes if we encounter any issues. Once the maintenance window is over, please report any issues to pnthelp.redhat.com. [1] - https://access.redhat.com/security/vulnerabilities/speculativeexecution [2] - https://access.redhat.com/articles/3307751 Regards, MARC RAAZ ASSOCIATE MANAGER, SYSTEMS ADMINISTRATION SYSOPS, PNT DEVOPS Red Hat QLD 193 North Quay Brisbane QLD 4000 mraaz at redhat.com M: +61429881988 -------------- next part -------------- An HTML attachment was scrubbed... URL: From mraaz at redhat.com Mon Jan 15 01:27:46 2018 From: mraaz at redhat.com (Marc Raaz) Date: Mon, 15 Jan 2018 11:27:46 +1000 Subject: [zanata-users] SySops patching against the Meltdown vulnerability 12-13th Jan 2018 In-Reply-To: References: Message-ID: Hi Over the weekend, SysOps updated our systems to patch against the Meltdown vulnerability. We managed to patch over 250 systems. SysOps will continue to monitor these systems, as of now all systems are online and working as expected. Please report any issues to pnthelp.redhat.com Regards, MARC RAAZ ASSOCIATE MANAGER, SYSTEMS ADMINISTRATION SYSOPS, PNT DEVOPS Red Hat QLD 193 North Quay Brisbane QLD 4000 mraaz at redhat.com M: +61429881988 On Wed, Jan 10, 2018 at 10:44 AM, Marc Raaz wrote: > Hi all > > > This weekend SysOps will be patching our internal systems against the > Meltdown vulnerability. At this time, patches are only available for RHEL > kernel and Red Hat OpenStack. Unfortunately, in order to fully mitigate > both Spectre and Meltdown, SysOps will need to do multiple rounds of > updates requiring several outages over the next coming weeks. > > This weekend?s maintenance will be the first round of updates to patch for > the Meltdown vulnerability. > > > We will utilize the previously advertised /mnt/redhat outage window for > this work: 8:00 AM US EST (13:00 UTC) Friday January 12 to 8:00 AM US EST > (13:00 UTC) Saturday January 13. > > > As mentioned in the official documentation [1], [2], these patches may > impact performance. We will be applying known fixes if we encounter any > issues. Once the maintenance window is over, please report any issues to > pnthelp.redhat.com. > > > [1] - https://access.redhat.com/security/vulnerabilities/ > speculativeexecution > [2] - https://access.redhat.com/articles/3307751 > > > Regards, > > MARC RAAZ > > ASSOCIATE MANAGER, SYSTEMS ADMINISTRATION > > SYSOPS, PNT DEVOPS > > Red Hat QLD > > 193 North Quay > > Brisbane QLD 4000 > > mraaz at redhat.com M: +61429881988 > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From vvasilev at redhat.com Tue Jan 23 13:12:04 2018 From: vvasilev at redhat.com (Vladimir Vasilev) Date: Tue, 23 Jan 2018 14:12:04 +0100 Subject: [zanata-users] external zanatas SSL improvement Message-ID: Hi team, Things changed in the past couple of months/years in the SSL world. Back in the days when we moved to F5 balancer all external zanata sites had an "A" rating on ssllabs.com. Now I see we're downgraded to "C" [1] I made a change on staging to improve our cipher support which will bring us back to "A" Can you please test staging and let me know if you see any problems. If not I can do the change in production maybe next week https://translate.stage.jboss.org/ https://translate.stage.zanata.org/ https://fedora.stage.zanata.org/ Cheers, Vova [1] https://www.ssllabs.com/ssltest/analyze.html?d=translate.zanata.org&hideResults=on -- Vladimir Vasilev Principal Systems Administrator PnT DevOps - SysOps Red Hat Czech s.r.o., Purkynova 99, 612 00 Brno, Czech Republic Work: +420 532-294-569 Cell: +420 737-080-404 From ttrinks at redhat.com Tue Jan 23 23:43:26 2018 From: ttrinks at redhat.com (Timo Trinks) Date: Wed, 24 Jan 2018 09:43:26 +1000 Subject: [zanata-users] external zanatas SSL improvement In-Reply-To: References: Message-ID: <20180123234326.GB7727@magrathea> On Tue, Jan 23, 2018 at 02:12:04PM +0100, Vladimir Vasilev wrote: > Hi team, > > Things changed in the past couple of months/years in the SSL world. > Back in the days when we moved to F5 balancer all external zanata sites > had an > "A" rating on ssllabs.com. Now I see we're downgraded to "C" [1] > > I made a change on staging to improve our cipher support which will > bring us back to "A" > Can you please test staging and let me know if you see any problems. > If not I can do the change in production maybe next week > > https://translate.stage.jboss.org/ > https://translate.stage.zanata.org/ > https://fedora.stage.zanata.org/ Thanks, Vova. I just learned that both translate.stage.jboss.org and translate.jboss.org are to be retired (soon, I'm about to start working on it). Just to clarify that your changes are purely on the F5 load balancer end, right? @Zanata devs and users, can you please check the stages and get back to Vova whether you notified any significant changes / negative impacts? Thanks, Timo -- Timo Trinks , PGP: 0xD17A491E, RHC{A,E,{J,S,V}A} "Red Hat's mission: To be the catalyst in communities of customers, contributors, and partners creating better technology *the open source way*." -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 833 bytes Desc: not available URL: From dchen at redhat.com Tue Jan 30 08:34:59 2018 From: dchen at redhat.com (Ding Yi Chen) Date: Tue, 30 Jan 2018 03:34:59 -0500 (EST) Subject: [zanata-users] platform-4.4.0 is released In-Reply-To: <643495437.4514253.1517300340223.JavaMail.zimbra@redhat.com> Message-ID: <758819547.4516356.1517301299247.JavaMail.zimbra@redhat.com> Completed deliverables: * maven Deployed to maven central. * GitHub Tagged, WAR is available as https://github.com/zanata/zanata-platform/releases/download/platform-4.4.0/zanata-war-4.4.0.war * docker docker pull docker.io/zanata/server:4.4.0 * 0install 0install destroy zanata-cli | yes | 0install -c add zanata-cli https://raw.githubusercontent.com/zanata/zanata.github.io/master/files/0install/zanata-cli.xml * dchen's repos sudo curl -L -o /etc/yum.repos.d/epel-zanata.repo https://repos.fedorapeople.org/dchen/zanata/epel-zanata.repo && sudo yum makecache && sudo yum -y install zanata-cli-bin TODO: * Fedora zanata-client packaging Note that we drop the overlay support in favor of docker. Regards, -- Ding-Yi CHEN Software Engineer, Globalization Group Red Hat Asia-Pacific Pty Ltd dchen at redhat.com Twitter: @redhatway | Instagram: @redhatinc | Snapchat: @redhatsnaps