Open Source Security Podcast: Episode 147 – Scams and operations as part of the supply chain

Share Button

Josh and Kurt talk about a new type of lockbox scams. We also discuss Slack being a target for nation state attacks. Do you consider your operations part of your supply chain?It’s totally part of your supply chain.

Show Notes

    Powered by WPeMatico

    Share Button

    Matthias Clasen: Pango future directions

    Share Button

    Pango is in clearly maintenance mode — Behdad and  I have a Pango work day once every few months, whenever we get together somewhere.

    But thats about it. Things that we don’t get done in a day often sit unfinished for long times in git branches or issues. Examples for this are the color Emoji support that took many years to land, or the  subpixel positioning work that is still unfinished.

    This doesn’t mean that text rendering is in decline. Far from it. In fact, Harfbuzz is more active than ever and has had unprecedented success: All major Web browsers, toolkits, and applications are using it.

    We’ve discussed for a while how to best take advantage of Harfbuzz’ success for text rendering on the desktop. Our conclusion is that we have to keep Pango from getting in the way. It should be a thin and translucent layer, and not require us to plumb APIs for every new feature through several internal abstractions.

    We have identified several steps that will let us make progress towards this goal.

    Unicode APIs

    Many libraries provide subsets of Unicode data and APIs: GLib has some. ICU has some, fribidi has some. Even Harfbuzz has some.

    Pango really does not need to  provide its own wrappers for text direction or Unicode scripts. Not doing so means we don’t have to update Pango when there is a new version of Unicode.

    Harfbuzz passthrough

    New font features land regularly in Harfbuzz. By providing direct access to Harfbuzz objects, we can make these available to GTK and applications without adding APIs to Pango.

    Stop using freetype

    Freetypes FT_Face object has locking semantics that are broken and hard to work with; they are constantly getting in the way as we are juggling hb_fonts, FT_Face and cairo scaled font objects.

    We’ve concluded that the best way forward is to stop using freetype for font loading or accessing font and glyph metrics. We can use Harfbuzz for all of these (a small gap will be closed soon).

    Using Harfbuzz for font loading means that we will lose support for bitmap and type1 fonts. We think this is an acceptable trade-off, but others might disagree. Note that Harfbuzz does support loading bitmap-only OpenType fonts.

    Unified shaping

    Shaping is the process of turning a paragraph of text and fonts into a sequence of positioned glyphs for rendering. Historically,  Pango has used a different implementation on each platforms.

    Going forward, we want to use Harfbuzz for shaping on all platforms. The web browsers already do this, and it works well. This will let us clean up a lot of old, unused shaping engine abstractions in Pango.

    Unhinted rendering

    As a general direction, we want to move Pango towards (horizontally) unhinted rendering, combined with subpixel positioning. Other platforms are already doing this. And it gives us resolution-independent layout that is better suited for scalable apis and OpenGL rendering.

     

    Powered by WPeMatico

    Share Button

    Luis Bazan: How to install Zimbra Collaboration Open Source 8.8.12_GA on CentOS 7

    Share Button

    Requirements:

    • CentOS 7
    • 10 GB RAM
    • 5 GB Free Space on /opt/Zimbra
    • 10 GB free disk space on /opt
    • 10 GB free disk space on /tmp
    • Fully Qualified Domain Name (FQDN), in this demo is “mail.ibtechpa.local”
    • Record A & MX for your Server
    • The firewall should be disabled
    Become the root user:
    # sudo su –

    or
    # su –

    Apply the latest updates using following command and then reboot:

    # yum update -y
    # reboot

    Install Zimbra dependencies:
    # yum install unzip net-tools sysstat libaio nmap-ncat libstdc++.so.6 openssh-clients perl-core wget libreoffice libreoffice-headless -y

    Set the hostname of your server:

    # hostnamectl set-hostname mail.ibtechpa.com
    # exec bash

    Edit hosts file:
    # vi /etc/hosts

    Add:

    192.168.1.141 mail.ibtechpa.com mail

    # cat /etc/hosts
    127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
    ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
    192.168.1.141 mail.ibtechpa.com mail

    Zimbra recommends the firewall to be disabled:
    # systemctl stop firewalld
    # systemctl disable firewalld

    In CentOS 7, postfix is installed and running by default. So, we need to disable it for Zimbra installation:
    # systemctl stop postfix
    # systemctl disable postfix

    Create Zimbra directory to place the installer:

    # mkdir /zimbra
    # cd /zimbra

    Download the Zimbra 8.8.12_GA:
    # wget https://files.zimbra.com/downloads/8.8.12_GA/zcs-8.8.12_GA_3794.RHEL7_64.20190329045002.tgz

    Extract the downloaded file:

    # tar -zxvf zcs-8.8.12_GA_3794.RHEL7_64.20190329045002.tgz

    Go to extracted folder and run the install script:
    # cd zcs-8.8.12_GA_3794.RHEL7_64.20190329045002
    [root@mail zcs-8.8.12_GA_3794.RHEL7_64.20190329045002]#

    # ./install.sh

    You will get text-based installation wizard. Press Y to accept the Zimbra license agreement:


    Configure the Zimbra package repository:

    Press “Y” to all Zimbra Components to install.

    Pres “Y” to continue to download the Zimbra related packages. This task can take time depending upon on your internet speed.




    Once all the Zimbra packages are download and installed, we will get the below window.
    Enter the domain name for Zimbra installation.

    In this case “ibtechpa.com”


    Now we need to set the Zimbra admin password:
    Press 7 and them 4.

    Set Password, Press enter, and press “r” to return.

    After set the admin password Press “s” and then Press enter to save the config in a file. Now Press “a” to apply the changes and enter “Y” to continue.

    Logging in to cli and check services:

    [root@mail ~]# su – zimbra
    Last login: Fri May 24 17:10:48 EST 2019 on pts/0
    [zimbra@mail ~]$

    [zimbra@mail ~]$ zmcontrol status
    Host mail.ibtechpa.com
            amavis                  Running
            antispam               Running
            antivirus               Running
            dnscache               Running
            ldap                      Running
            logger                   Running
            mailbox                Running
            memcached           Running
            mta                        Running
            opendkim               Running
            proxy                     Running
            service webapp     Running
            snmp                      Running
            spell                      Running
            stats                       Running
            zimbra webapp     Running
            zimbraAdmin webapp      Running
            zimlet webapp       Running
            zmconfigd              Running
    [zimbra@mail ~]$

    Check Version:

    [zimbra@mail ~]$ zmcontrol -v
    Release 8.8.12_GA_3794.RHEL7_64_20190329045002 RHEL7_64 FOSS edition, Patch 8.8.12_P1 proxy.
    [zimbra@mail ~]$

    Users -> URL – https://mail.ibtechpa.com
    Admin URL – https://mail.ibtechpa.com:7071/

    Test success!!!

    Powered by WPeMatico

    Share Button

    Fedora Community Blog: FPgM report: 2019-21

    Share Button

    Fedora Program Manager weekly report on Fedora Project development and progress

    Here’s your report of what has happened in Fedora Program Management this week.

    I have weekly office hours in #fedora-meeting-1. Drop by if you have any questions or comments about the schedule, Changes, elections, or anything else.

    Announcements

    Help wanted

    Upcoming meetings

    Fedora 31 Status

    Changes

    Announced

    Submitted to FESCo

    Approved by FESCo

    The post FPgM report: 2019-21 appeared first on Fedora Community Blog.

    Powered by WPeMatico

    Share Button

    Roland Wolters: [Short Tip] Exit bad/broken/locked ssh sessions

    Share Button

    Sometimes it happens that SSH connections lock up. For example due to weird SSH server configuration or bad connectivity on your side, suddenly your SSH connection is broken. You cannot send any more comments via the SSH connection. The terminal just doesn’t react.

    And that includes the typical exit commands: Ctrl+z or Ctrl+d are not working anymore. So you are only left with the choice to close the terminal – right? In fact, no, you can just exist the SSH session.

    The trick is:
    Enter+~+.

    Why does this work? Because it is one of the defined escape sequences:

    The supported escapes (assuming the default ‘~’) are:
    ~.Disconnect.
    ~^Z Background ssh.
    ~# List forwarded connections.
    ~& Background ssh at logout when waiting for forwarded connection / X11 sessions to terminate.

    https://man.openbsd.org/ssh#EXIT_STATUS

    To many of you this is probably nothing new – but I never knew that, even after years of using SSH on a daily base, so I had the urge to share this.

    Powered by WPeMatico

    Share Button

    Michael Catanzaro: Dear Ubuntu: Please Stop Packaging Epiphany If You Won’t Do It Properly

    Share Button

    Dear Ubuntu,

    When users try Epiphany on Ubuntu, they receive a sub-par, broken browser. If you’re not willing to do this right, please just remove Epiphany from your repositories. We’d all be happier this way. You are the  most popular distributor of Epiphany by far, and your poor packaging is making the browser look bad.

    Epiphany 3.28.1 Is Stupid Old

    Currently you’ve packaged Epiphany 3.28.1 for Ubuntu 18.04, your current LTS release. 3.28.1 is a seriously broken version with an overaggressive adblock filters subscription that blocks legitimate resources on a wide variety of websites, resulting in broken page rendering. We obviously don’t want users to ever use 3.28.1. There is a 3.28.2, released on May 22, 2018, which fixes this problem, but after one year you have still not yet updated. Ideally you would update to 3.28.5, which has been available since September 21, 2018. It’s not like I’m expecting you to upgrade to 3.30 or to 3.32 (the current stable series). I’d be happy to release a 3.28.6, except I know that it’s pointless: you would not upgrade to it if I did.

    In Ubuntu 19.04, you have packaged Epiphany 3.32.0. The current version is 3.32.2. There are a lot of bugs fixed in between.

    Because Epiphany is in your universe repository, rather than main, I understand that Canonical does not provide updates. But this is really not OK. Do I really need to add an xscreensaver-style time bomb to protect the reputation of Epiphany?

    You’ve Disabled the JPEG 2000 Support

    WebKitGTK is in main and you have been updating it regularly and in a timely manner, which is good. Thanks for this!

    But we also need WebKitGTK to be built with OpenJPEG support, so that it can display JPEG 2000 images. Because you build WebKitGTK without OpenJPEG support, lots of popular websites are broken, including all websites using Akamai Image Manager. Because we have “Safari” but not “Chromium” in our user agent, these websites send us lots of JPEG 2000 images, and we need to be prepared to handle them properly to avoid broken websites. (Changing our user agent to avoid receiving JPEG 2000 images is, unfortunately, not practical.)

    Here we have a really difficult issue, because you admittedly have a good reason for disabling OpenJPEG use. OpenJPEG has failed your security review for inclusion in main. Seth Arnold from the Ubuntu Security Team has reported 24 issues in OpenJPEG, of which 21 still remain unfixed. (It’s probably too much to ask, but if any readers want to help tackle a couple of these, that would be really great.) WebKitGTK is only as secure as its least-secure image decoder, and it seems likely that that would be OpenJPEG. Exposing the low-quality OpenJPEG library to the entire web is risky.

    And yet, a web browser that doesn’t display websites properly is simply not worth delivering to users. We need this image decoder for web compatibility. WebKitGTK 2.26 will (hopefully) ship with a sandbox to mitigate security risks. Perhaps future versions of Epiphany should refuse to start if OpenJPEG support is unavailable?

    Powered by WPeMatico

    Share Button

    Randy Barlow: Bodhi 4.0.0 released

    Share Button

    After about 5 months of development time, the Fedora Infrastructure team has finally
    tagged Bodhi 4.0.0. This is a major
    release with many backwards incompatible changes, and results in a simpler codebase which should
    ease future development and maintenance.

    I’d like to thank the
    contributors
    for making it …

    Powered by WPeMatico

    Share Button

    Fedora Community Blog: Niharika and Divyansh: Improving modular packages and container security

    Share Button

    Fedora Summer Coding 2019

    This post is the fourth and final introduction to the Fedora Summer Coding interns Class of Summer 2019. In this interview, we’ll meet Niharika Shrivastava and Divyansh Kamboj, who are working on projects to improve Fedora module metadata and add additional security hardening to containers, respectively.

    Niharika Shrivastava: Extend unit tests for libmodulemd

    Niharika Shrivastava: Selected for "Extend unit tests for libmodulemd" for Outreachy 2019 with Fedora Project
    Niharika Shrivastava

    Niharika Shrivastava (orionstar25) is extending unit tests for the libmodulemd project. libmodulemd is a C Library for manipulating module metadata files. She was selected for Outreachy 2019.

    We asked Niharika a few questions as she prepares for her next three months working with Stephen Gallagher, her mentor for the summer.

    Tell us a bit about yourself!

    I am from India, and I currently stay in Mumbai (but I wish to settle somewhere close to the Northern Lights someday). I’m pursuing Bachelors in Information Technology from the Indian Institute of Information Technology, Allahabad. I’ve just finished my pre-final year.

    Fun fact time: I love to sing and am highly fascinated by the night sky (Niharika means a “Nebula”).

    How did you hear about Outreachy?

    I had heard about GSoC during my 1st year of college, in a talk given by a senior, who was a GSoCer in FOSSASIA then. I decided to apply for GSoC in my 2nd year when with some magic googling, I came across Outreachy. I had then applied with Mozilla for both the programs, but unfortunately wasn’t selected. After that, I decided to streamline my efforts and applied for Outreachy for the current round, and here I am!

    What caught your attention about Fedora? How does it align with your personal interests?

    I’m primarily an Ubuntu user and I love the control a terminal window gives me. I realized that I was more fluent in C++/C and Python than JavaScript, and that’s when I landed upon my project: “Extend unit tests for libmodulemd“. While it eventually required me to triple boot my machine (Windows + Ubuntu + Fedora), the intuitive code base and my mentor’s constant feedback made me passionate about contributing to Fedora.

    What are you looking forward to most during this GSoC round?

    This would be my first intern ever, let alone a remote one. Apart from further honing my skills, I also look forward to learning some essential soft skills and network with people from across the globe. Since mine is an independent project, I’d love to learn from other interns on how they’re tackling their tasks.

    Where do you see yourself after you complete this GSoC round?

    Mentally, I’d want to see myself more focused and confident, and have no self doubts about my capability.

    Academically, I wish to undertake more research projects (like this) that affect the people directly. I also want to pursue higher studies. But most importantly, I feel that I would be in good standing to encourage women everywhere to participate in such diversity programs and expand their horizons.

    Physically, I hope to see all of you at Flock 2019! 😀

    Who is your favorite Marvel superhero / superheroine?

    I AM GROOT. (But that was a tough one.)

    Anything you want to add?

    Question: Do you want a Red Hat?

    Answer: Yes, I’ll take two please.

    Divyansh Kamboj: SECCOMP profile generation tool for Podman

    Divyansh Kamboj (weirdwiz) is working on a SECCOMP profile generation tool for Podman. This project builds a tool to watch syscalls made within a container and generate a seccomp profile for this specific container to further harden security. This includes commands added to Podman to launch the container and collect a set of syscalls either through strace, or auditing, or similar tracing technologies. Divyansh was selected for Google Summer of Code 2019.

    We asked Divyansh a few questions as he prepares for his next three months working with Daniel Walsh and Valentin Rothberg, his mentors for the summer.

    Tell us a bit about yourself!

    I’m an 18 year old student at Jaypee Institute of Information Technology. I study computer science. I love to explore and learn new things.

    How did you hear about GSoC?

    I heard about GSoC from the senior students of my college. They said it was an incredible learning experience and they had lots of fun participating in it.

    What caught your attention about Fedora? How does it align with your personal interests?

    The Fedora community is very friendly and helping. The projects were very interesting and looked fun to do.

    What are you looking forward to most during this GSoC round?

    I am looking forward to working with my mentors to implement our ideas for this project.

    Where do you see yourself after you complete this GSoC round?

    After the program I see myself becoming a better programmer, and mentoring new students to get started into open source and help them getting started and self sufficient.

    Who is your favorite Marvel superhero / superheroine?

    My favorite super hero is Thor. He is one of the strongest Avengers, and quite fun.

    Thanks and good luck to Niharika and Divyansh as they begin their project work next week! Congrats to all selected Fedora Summer Coding 2019 students.

    The post Niharika and Divyansh: Improving modular packages and container security appeared first on Fedora Community Blog.

    Powered by WPeMatico

    Share Button

    Fedora Magazine: Packit – auto-package your projects into Fedora

    Share Button

    What is packit

    Packit (https://packit.dev/) is a CLI tool that helps you auto-package your upstream projects into the Fedora operating system. But what does it really mean?

    As a developer, you might want to add or update your package in Fedora. If you’ve done it in the past, you know it’s no easy task. If you haven’t let me reiterate: it’s no easy task.

    And this is exactly where packit can help: with just one configuration file in your upstream repository, packit will automatically package your software into Fedora and update it when you update your source code upstream.

    Furthermore, packit can synchronize downstream changes to a SPEC file back into the upstream repository. This could be useful if the SPEC file of your package is changed in Fedora repositories and you would like to synchronize it into your upstream project.

    Packit also provides a way to build an SRPM package based on an upstream repository checkout, which can be used for building RPM packages in COPR.

    Last but not least, packit provides a status command. This command provides information about upstream and downstream repositories, like pull requests, release and more others.

    Packit provides also another two commands: build and create-update.

    The command packit build performs a production build of your project in Fedora build system – koji. You can Fedora version you want to build against using an option –dist-git-branch. The command packit create-updates creates a Bodhi update for the specific branch using the option —dist-git-branch.

    Installation

    You can install packit on Fedora using dnf:

    sudo dnf install -y packit

    Configuration

    For demonstration use case, I have selected the upstream repository of colin (https://github.com/user-cont/colin). Colin is a tool to check generic rules and best-practices for containers, dockerfiles, and container images.

    First of all, clone colin git repository:

    $ git clone https://github.com/user-cont/colin.git
    $ cd colin

    Packit expects to run in the root of your git repository.

    Packit (https://github.com/packit-service/packit/) needs information about your project, which has to be stored in the upstream repository in the .packit.yaml file (https://github.com/packit-service/packit/blob/master/docs/configuration.md#projects-configuration-file).

    See colin’s packit configuration file:

    $ cat .packit.yaml
    specfile_path: colin.spec
    synced_files:
     -.packit.yaml
     - colin.spec
    upstream_project_name: colin
    downstream_package_name: colins

    What do the values mean?

    • specfile_path – a relative path to a spec file within the upstream repository (mandatory)
    • synced_files – a list of relative paths to files in the upstream repo which are meant to be copied to dist-git during an update
    • upstream_project_name – name of the upstream repository (e.g. in PyPI); this is used in %prep section
    • downstream_package_name – name of the package in Fedora (mandatory)

    For more information see the packit configuration documentation (https://github.com/packit-service/packit/blob/master/docs/configuration.md)

    What can packit do?

    Prerequisite for using packit is that you are in a working directory of a git checkout of your upstream project.

    Before running any packit command, you need to do several actions. These actions are mandatory for filing a PR into the upstream or downstream repositories and to have access into the Fedora dist-git repositories.

    Export GitHub token taken from https://github.com/settings/tokens:

    $ export GITHUB_TOKEN=

    Obtain your Kerberos ticket needed for Fedora Account System (FAS) :

    $ kinit @FEDORAPROJECT.ORG

    Export your Pagure API keys taken from https://src.fedoraproject.org/settings#nav-api-tab:

    $ export PAGURE_USER_TOKEN=

    Packit also needs a fork token to create a pull request. The token is taken from https://src.fedoraproject.org/fork/YOU/rpms/PACKAGE/settings#apikeys-tab

    Do it by running:

    $ export PAGURE_FORK_TOKEN=

    Or store these tokens in the ~/.config/packit.yaml file:

    $ cat ~/.config/packit.yaml

    github_token:
    pagure_user_token:
    pagure_fork_token:

    Propose a new upstream release in Fedora

    The command for this first use case is called propose-update (https://github.com/jpopelka/packit/blob/master/docs/propose_update.md). The command creates a new pull request in Fedora dist-git repository using a selected or the latest upstream release.

    $ packit propose-update

    INFO: Running 'anitya' versioneer
    Version in upstream registries is '0.3.1'.
    Version in spec file is '0.3.0'.
    WARNING  Version in spec file is outdated
    Picking version of the latest release from the upstream registry.
    Checking out upstream version 0.3.1
    Using 'master' dist-git branch
    Copying /home/vagrant/colin/colin.spec to /tmp/tmptfwr123c/colin.spec.
    Archive colin-0.3.0.tar.gz found in lookaside cache (skipping upload).
    INFO: Downloading file from URL https://files.pythonhosted.org/packages/source/c/colin/colin-0.3.0.tar.gz
    100%[=============================>]     3.18M  eta 00:00:00
    Downloaded archive: '/tmp/tmptfwr123c/colin-0.3.0.tar.gz'
    About to upload to lookaside cache
    won't be doing kinit, no credentials provided
    PR created: https://src.fedoraproject.org/rpms/colin/pull-request/14

    Once the command finishes, you can see a PR in the Fedora Pagure instance which is based on the latest upstream release. Once you review it, it can be merged.

    Sync downstream changes back to the upstream repository

    Another use case is to sync downstream changes into the upstream project repository.

    The command for this purpose is called sync-from-downstream (https://github.com/jpopelka/packit/blob/master/docs/sync-from-downstream.md). Files synced into the upstream repository are mentioned in the packit.yaml configuration file under the synced_files value.

    $ packit sync-from-downstream

    upstream active branch master
    using "master" dist-git branch
    Copying /tmp/tmplvxqtvbb/colin.spec to /home/vagrant/colin/colin.spec.
    Creating remote fork-ssh with URL git@github.com:phracek/colin.git.
    Pushing to remote fork-ssh using branch master-downstream-sync.
    PR created: https://github.com/user-cont/colin/pull/229

    As soon as packit finishes, you can see the latest changes taken from the Fedora dist-git repository in the upstream repository. This can be useful, e.g. when Release Engineering performs mass-rebuilds and they update your SPEC file in the Fedora dist-git repository.

    Get the status of your upstream project

    If you are a developer, you may want to get all the information about the latest releases, tags, pull requests, etc. from the upstream and the downstream repository. Packit provides the status command for this purpose.

    $ packit status
    Downstream PRs:
     ID  Title                             URL
    ----  --------------------------------  ---------------------------------------------------------
     14  Update to upstream release 0.3.1  https://src.fedoraproject.org//rpms/colin/pull-request/14
     12  Upstream pr: 226                  https://src.fedoraproject.org//rpms/colin/pull-request/12
     11  Upstream pr: 226                  https://src.fedoraproject.org//rpms/colin/pull-request/11
      8 Upstream pr: 226                  https://src.fedoraproject.org//rpms/colin/pull-request/8

    Dist-git versions:
    f27: 0.2.0
    f28: 0.2.0
    f29: 0.2.0
    f30: 0.2.0
    master: 0.2.0

    GitHub upstream releases:
    0.3.1
    0.3.0
    0.2.1
    0.2.0
    0.1.0

    Latest builds:
    f27: colin-0.2.0-1.fc27
    f28: colin-0.3.1-1.fc28
    f29: colin-0.3.1-1.fc29
    f30: colin-0.3.1-2.fc30

    Latest bodhi updates:
    Update                Karma  status
    ------------------  ------- --------
    colin-0.3.1-1.fc29        1  stable
    colin-0.3.1-1.fc28        1  stable
    colin-0.3.0-2.fc28        0  obsolete

    Create an SRPM

    The last packit use case is to generate an SRPM package based on a git checkout of your upstream project. The packit command for SRPM generation is srpm.

    $ packit srpm
    Version in spec file is '0.3.1.37.g00bb80e'.
    SRPM: /home/phracek/work/colin/colin-0.3.1.37.g00bb80e-1.fc29.src.rpm

    Packit as a service

    In the summer, the people behind packit would like to introduce packit as a service (https://github.com/packit-service/packit-service). In this case, the packit GitHub application will be installed into the upstream repository and packit will perform all the actions automatically, based on the events it receives from GitHub or fedmsg.

    Powered by WPeMatico

    Share Button

    Remi Collet: PHP extensions status with upcoming PHP 7.4

    Share Button

    With PHP 7.4 entering stabilization phase, time to check the status of most commonly used PHP extensions (at least, the ones available in my repository).

    Here is the (not yet) exhaustive list.

    1. Compatible

    The last published version is compatible

    # Name Version State
      ahocorasick 0.0.6 OK
      amqp 1.9.4 OK
      apcu 5.1.17 OK
      apcu_bc 1.0.5 OK
      apfd 1.0.1 OK
      ast 1.0.1 OK
      base58 0.1.3 OK
      bitset 3.0.1 OK
      brotli 0.7.0 OK
      couchbase 2.6.0 OK
      dio 0.1.0 OK
      ds 1.2.9 OK
      event 2.5.0 OK
      fann 1.1.1 OK
      gearman 2.0.5 OK
      geoip 1.1.1 OK
      horde_lz4 1.0.10 OK
      igbinary 3.0.1 OK
      inotify 2.0.0 OK
      json_post 1.0.1 OK
      krb5 1.1.2 OK
      libvirt 0.5.4 OK
      lzf 1.6.7 OK
      mailparse 3.0.3 OK
      maxminddb 1.4.1 OK
      memcache 4.0.3 OK
      memcached 3.1.3 OK
      mongodb 1.6.0alpha1 OK
      msgpack 2.0.3 OK
      phpiredis 1.0.0 OK
      pcov 1.0.3 OK
      pq 2.1.5 OK
      propro 2.1.0 OK
      psr 0.6.1 OK
      radius 1.4.0b1 OK
      raphf 2.0.0 OK
      redis 4.3.0 OK
      rpminfo 0.2.1 OK
      rrd 2.0.1 OK
      selinux 0.4.2 OK
      smbclient 1.0.0 OK
      ssdeep 1.1.0 OK
      ssh2 1.1.2 OK
      stomp 1.2.10 OK
      timecop 2.0.2 Some failed tests since 7.2 (related to timelib changes)
      uuid 1.0.4 OK
      xattr 1.3.0 OK
      xmldiff 1.1.2 OK
      yac 2.0.2 OK
      yaml 2.0.4 OK
      zstd 0.7.3 OK

     

    2. Work in progress

    These extensions have been fixed upstream (or PR are available) but no official release.

    # Name Version State
      cassandra 1.3.2 Fixed by PR #126 and PR #132, awaiting review
      interbase 1.0.0-dev Dropped from 7.4, not released yet
      oauth 2.0.4-dev Fixed upstream
      solr 2.4.0 Fixed upstream (still pending for 7.3)
      sphinx 1.4.0-dev Fixed upstream (still pending for 7.0)
      zip 1.15.5-dev Fixed upstream
      zmq 1.1.3 Fixed upstream

     

    3. Not compatible for now (only from 7.3 compatible extensions)

    # Name Version State
      cmark 1.1.0 Segfault
      http 3.2.0 Segfault
      uopz 6.0.1 Don’t build
      xdebug 2.7.2 Not supported

     

    4. Conclusion

    Too soon for a statement, alpha1 is not yet released.

    Last updated on May 23th 2019

    Powered by WPeMatico

    Share Button