May 7, 2010:

3:48 AM Changeset [1559] by mitchb
Patch for CVE-2010-0829... SSDP: Same Thing, Different Package
1:48 AM Changeset [1558] by adehnert
Clarify/expand the package build instructions
1:44 AM Changeset [1557] by adehnert
Patch for CVE-2010-1440 (and CVE-2010-0739) Both are crashes or arbitrary code execution.

May 6, 2010:

12:00 AM Changeset [1556] by andersk
trac: Enable the Mercurial plugin for Mercurial repositories.

May 5, 2010:

3:47 PM Ticket #131 (Better package management for eggs, gems, and other vaguely ...) created by andersk
We currently install a bunch of Perl CPAN modules, Python eggs, and …
4:06 AM Ticket #128 (Several tickets fail to display now (due to SensitiveTickets plugin bug)) closed by andersk
fixed: Fixed by the attached patch. I’ll send it upstream.
1:06 AM Changeset [1555] by mitchb
There can be only one! (so stop hogging the GLOCK) OpenAFS 1.4.12 had bogus "lost connection" messages, which went away when we rolled back to 1.4.11. However, we're now occasionally having hard lockups because readdir deadlocks waiting for the GLOCK when filldir is holding it and pagefaults. Apply 829838e45f94921d22335154587216f7842e3955 from upstream as a compromise until we can move into the future with OpenAFS 1.5

May 3, 2010:

1:24 AM Changeset [1554] by andersk
nss_nonlocal.spec: License is LGPLv2+.
1:20 AM Changeset [1553] by andersk
Update nss_nonlocal to 1.11.

Apr 29, 2010:

7:55 PM Changeset [1552] by adehnert
Add certificate for Finboard

Apr 26, 2010:

6:22 PM Changeset [1551] by ezyang
Remove star scripts from production
6:18 PM Changeset [1550] by ezyang
Do --record-only merge to fix mergeinfo.
6:14 PM Ticket #130 ("MIT Academic Calendar" is out of date) created by geofft
Looks like MIT Academic Calendar.ics in the phpical autoinstaller runs …
6:11 PM Changeset [1549] by ezyang
Update rails mergeinfo (revert obliterated the update.)
6:09 PM Changeset [1548] by ezyang
Update mergeinfo.
6:08 PM Changeset [1547] by ezyang
Merge adehnert's phpical changes, update mergeinfo.
3:00 PM Changeset [1546] by quentin
New maintainers

Apr 25, 2010:

6:33 AM Changeset [1545] by mitchb
Revert r1510. Back out to OpenAFS 1.4.11. 1.4.12 may not have been as much of a Nice Thing (TM) as we'd hoped. Since upgrading to it, our servers have been flapping on a more-than-daily basis, almost always due to bogus AFS lost contact messages, resulting in loads shooting up into the hundreds while the machines are stuck in IOwait. When this includes the server that contrib.scripts is on, the machine falls out of the pool. In all cases, it results in a service slowdown. Sometimes a reboot has been necessary because 'fs checks' doesn't always clear it up. While we haven't found a conclusive cause for the problems, they seem to point to AFS, and began happening the same night we upgraded to 1.4.12.

Apr 23, 2010:

11:14 PM Changeset [1544] by geofft
Revert "install-howto.sh: Unpushed commit from February 8" As Mitch pointed out, you only need the sketchiness described here if you're installing a package on a running system, and this document is about the initial install. It was also lacking in clarity and so useless. This reverts r1542.
4:17 AM Ticket #129 (Publish an SPF record for scripts.mit.edu / get scripts.mit.edu DNS ...) created by andersk
According to the …

Apr 20, 2010:

3:13 AM Changeset [1543] by geofft
aliases: Update root@scripts.mit.edu list to current maintainers
2:42 AM Changeset [1542] by geofft
install-howto.sh: Unpushed commit from February 8 Apparently I was having some fun...
12:47 AM Ticket #128 (Several tickets fail to display now (due to SensitiveTickets plugin bug)) created by andersk
Tickets #1 and #2 (at least) in this Trac are broken. We should fix …
12:20 AM Changeset [1541] by mitchb
SSL certificate and config for asa.mit.edu

Apr 16, 2010:

5:40 AM Changeset [1540] by mitchb
Two's company and three's a crowd, but have an orgy if you must Apache 2.2.15 includes support for RFC 5746, which specifies the TLS Renegotiation Indication Extension and fixes the protocol flaw that allows CVE-2009-3555. Unfortunately, secure renegotiations require support in both the server and the client, and so it will take some time until most webservers and most browsers have been upgraded to support this extension. While we want to support and enforce secure renegotiation for clients that are capable of it, and we want to encourage everyone to upgrade ASAP, refusing to renegotiate with clients that haven't yet gotten support would most likely break many sites for many users. This setting should be temporary, but it's not yet clear how long we may have to wait.
5:21 AM Changeset [1539] by mitchb
Upgrade to Apache 2.2.15 Also drop the CVE-2010-0434 patch which is now incorporated upstream.

Apr 11, 2010:

9:49 AM Changeset [1538] by mitchb
Renewed certificate for bc.mit.edu
6:38 AM Changeset [1537] by mitchb
Upstream krb5 update

Apr 10, 2010:

10:50 PM Ticket #127 (zephyr discussion of tickets should get cross-posted to RT) created by adehnert
Generally speaking, when I look at a ticket that's been around a …
9:16 PM Changeset [1536] by ezyang
Certificate and Apache config for quickprint.

Apr 8, 2010:

3:41 AM Changeset [1535] by mitchb
Update moira snapshot
Note: See TracTimeline for information about the timeline view.