[prev in list] [next in list] [prev in thread] [next in thread]
List: haskell-cafe
Subject: Re: [Haskell-cafe] Package takeover: bzlib
From: Andrew Lelechenko <andrew.lelechenko () gmail ! com>
Date: 2024-03-09 19:36:54
Message-ID: 7A79C2D4-DD67-4434-8AD9-C410DF33478C () gmail ! com
[Download RAW message or body]
Spam detection software, running on the system "mail.haskell.org", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: Thanks a ton, Duncan! > On 9 Mar 2024, at 19:20, Duncan Coutts
wrote: > > Done! > > https://hackage.haskell.org/package/bzlib/maintainers/
> > On Sat, 2024-03-09 at 15:30 +0000, Andrew Lelechenko wrote: >> I'd
like to take over `bzlib` package (https://hackage.haskell.org/package/bzlib).
>> >> I've contacted the package maintainer (Duncan Coutts, CC'd) by email
twice in Aug 2023 and Oct 2023, but never heard back. Earlier Duncan granted
me rights for `tar` and `zlib` packages, so I imagine he is just exceedingly
busy. >> >> `bzlib` package has been on life support by Hackage Trustees
for many years with a fork maintained at https://github.com/hackage-trustees/bzlib.
While I can do another non-maintainer upload in my Trustee hat, I'd like
to seek a more permanent solution and maintain `bzlib` back to its canonical
home at https://github.com/haskell/bzlib (which I already have access to).
>> >> I do not plan any drastic changes. The immediate cause of this request
is HSEC-2024-0002 (https://github.com/haskell/security-advisories/pull/157,
https://github.com/hackage-trustees/bzlib/issues/4), which identifies a security
vulnerability in `bzlib`, thus raising a need for urgent update. >> >> Best
regards, >> Andrew > [...]
Content analysis details: (5.8 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(andrew.lelechenko[at]gmail.com)
-0.0 SPF_PASS SPF: sender matches SPF record
5.0 UNWANTED_LANGUAGE_BODY BODY: Message written in an undesired language
0.8 BAYES_50 BODY: Bayes spam probability is 40 to 60%
[score: 0.4999]
0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid
Return-Path: <andrew.lelechenko@gmail.com>
Received: from mail-wm1-x32e.google.com (mail-wm1-x32e.google.com \
[IPv6:2a00:1450:4864:20::32e]) by haskell.org (Postfix) with ESMTPS id C6BEBBC53D;
Sat, 9 Mar 2024 19:36:42 +0000 (UTC)
Received: by mail-wm1-x32e.google.com with SMTP id \
5b1f17b1804b1-412e784060cso24481885e9.1; Sat, 09 Mar 2024 11:37:12 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s 230601; t10013025; x10617825; darn=haskell.org;
h=to:references:message-id:content-transfer-encoding:cc:date
:in-reply-to:from:subject:mime-version:from:to:cc:subject:date
:message-id:reply-to;
bh=AxzZ+QTNZumQgLJ3qNO6HS3ZCyk9gew4kSRBHg74Ka8=;
b=BZv37DpmszNWn0Vm+f+E4WshVkXZFTdYSdPAxuBI0nftPINwPTxAyfykAlEqrvJGdj
YfeMvMxe0ntO0KfWli0nCmaEMMZwVTMW6izhgmVhXOznEmvERWJPScOaLi+z5AR4XHpO
rhKwwynVfHU20ucRObhYPAo841pvElMXZixSbfmY0ul89W4LYkY9VvMYT2310cpIwGii
bodAKzmK4oiiBJFsweZRyz9gCiUYkbqHtHe8prIAWO5CWj1dfe78v75rEOftrmHk4CHw
VcCw+fFx4No19t/ixMRztye47Z85ZeNA5pG1lejcSj9HRe1b+7lEa0NBPFORxIcXzJEr
Bw0g=X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d100.net; s 230601; t10013025; x10617825;
h=to:references:message-id:content-transfer-encoding:cc:date
:in-reply-to:from:subject:mime-version:x-gm-message-state:from:to:cc
:subject:date:message-id:reply-to;
bh=AxzZ+QTNZumQgLJ3qNO6HS3ZCyk9gew4kSRBHg74Ka8=;
b=ize0Pu3iKervakvMlOWwN8ffeiO4RJvrzYWWbwRL3sF4V+v5wSUNl3aMlRbFtu/UK2
lA/qLopveT1/IrlpUCfGLUHBUxRiKJ2vy/E9W2dvDP4qEybN3nU0WWfZwJOMlgG2tOb0
/duwXpJn0F2hdrSCWpdYWkHdT+Du68z1irBMiRhzMwzj6wk8CsGEg8uqh/XpAuaN2ojA
OHCWsSlu4u0L7018Pnf3wZPX/zqUzdvvmOQW9+EFNvOBIf7q9xHdlsO+GfD2biAlJu4D
hvRyOtTeA12KSX+3CTRj2PHSGqpbDHOdpa7NEeDdBuciJ2ko+q2+tQkKm3SF6sBg2mWC
mJrQ=X-Forwarded-Encrypted: i=1; \
AJvYcCW0wzO45Wdi7Fvivwgf1wBGyMfVOEIOYsuM8g2hvxlgwBpw/DFUJd4+3XVVX6akujoUB/c6IJSW+6Nf03HVQhDiV5A3mXR99oIX-Gm-Message-State: \
AOJu0YySLH/S18TGFPC2zRVS6xTfe3QowARUqlQOeAJ6SPEonpN6qp2D \
2d/OAFrRDQw/s01nICKh5/HMKsJtfyZR0fQJlx3OJVGQtgnZfKIU
X-Google-Smtp-Source: \
AGHT+IFTuUnJsnK13VMQnUi4TAzPGr4yasyMwO8G+D0qm8eQnY9FOFxIMyZ2CSlZ7mo03ILyS9EbAA=X-Received: \
by 2002:adf:8b5d:0:b0:33e:175b:4af8 with SMTP id \
v29-20020adf8b5d000000b0033e175b4af8mr3108859wra.28.1710013025339; Sat, 09 Mar 2024 \
11:37:05 -0800 (PST)
Received: from smtpclient.apple (cpc114408-walt26-2-0-cust196.13-2.cable.virginm.net. \
[82.0.18.197])
by smtp.gmail.com with ESMTPSA id \
s13-20020a5d6a8d000000b0033d202abf01sm2462426wru.28.2024.03.09.11.37.04 \
(version=TLS1_2 cipherėDHE-ECDSA-AES128-GCM-SHA256 bits8/128); Sat, 09 Mar 2024 \
11:37:05 -0800 (PST)
Content-Type: text/plain;
charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.200.110.1.12\))
Subject: Re: Package takeover: bzlib
From: Andrew Lelechenko <andrew.lelechenko@gmail.com>
In-Reply-To: <7ee87a62683addd174f42a81ed4571888f1320d9.camel@well-typed.com>
Date: Sat, 9 Mar 2024 19:36:54 +0000
Cc: Haskell Libraries <libraries@haskell.org>,
haskell-cafe@haskell.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <7A79C2D4-DD67-4434-8AD9-C410DF33478C@gmail.com>
References: <635FF9C8-BFEE-420C-8D41-9A1FDEF0AA00@gmail.com>
<7ee87a62683addd174f42a81ed4571888f1320d9.camel@well-typed.com>
To: Duncan Coutts <duncan@well-typed.com>
X-Mailer: Apple Mail (2.3731.200.110.1.12)
Thanks a ton, Duncan!
> On 9 Mar 2024, at 19:20, Duncan Coutts <duncan@well-typed.com> wrote:
>
> Done!
>
> https://hackage.haskell.org/package/bzlib/maintainers/
>
> On Sat, 2024-03-09 at 15:30 +0000, Andrew Lelechenko wrote:
> > I'd like to take over `bzlib` package \
> > (https://hackage.haskell.org/package/bzlib).
> > I've contacted the package maintainer (Duncan Coutts, CC'd) by email twice in Aug \
> > 2023 and Oct 2023, but never heard back. Earlier Duncan granted me rights for \
> > `tar` and `zlib` packages, so I imagine he is just exceedingly busy.
> > `bzlib` package has been on life support by Hackage Trustees for many years with \
> > a fork maintained at https://github.com/hackage-trustees/bzlib. While I can do \
> > another non-maintainer upload in my Trustee hat, I'd like to seek a more \
> > permanent solution and maintain `bzlib` back to its canonical home at \
> > https://github.com/haskell/bzlib (which I already have access to).
> > I do not plan any drastic changes. The immediate cause of this request is \
> > HSEC-2024-0002 (https://github.com/haskell/security-advisories/pull/157, \
> > https://github.com/hackage-trustees/bzlib/issues/4), which identifies a security \
> > vulnerability in `bzlib`, thus raising a need for urgent update.
> > Best regards,
> > Andrew
>
[Attachment #4 (text/plain)]
_______________________________________________
Haskell-Cafe mailing list
To (un)subscribe, modify options or view archives go to:
http://mail.haskell.org/cgi-bin/mailman/listinfo/haskell-cafe
Only members subscribed via the mailman list are allowed to post.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic