{"update": {"autokarma": true, "autotime": false, "stable_karma": 3, "stable_days": 0, "unstable_karma": -3, "require_bugs": true, "require_testcases": true, "display_name": "", "notes": "Security fix for CVE-2013-2099, CVE-2013-7440", "type": "security", "status": "stable", "request": null, "severity": "unspecified", "suggest": "unspecified", "locked": false, "pushed": true, "critpath": false, "critpath_groups": null, "close_bugs": true, "date_submitted": "2016-02-03 04:58:21", "date_modified": null, "date_approved": null, "date_testing": "2016-02-03 21:58:03", "date_stable": "2016-02-12 07:46:41", "alias": "FEDORA-2016-52b294538d", "test_gating_status": null, "from_tag": null, "date_pushed": "2016-02-12 07:46:41", "meets_testing_requirements": false, "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2016-52b294538d", "title": "python-pymongo-2.5.2-8.fc22", "version_hash": "4fc60eb0fb093d6b328ef3680d72e7cd4bbe191b", "release": {"name": "F22", "long_name": "Fedora 22", "version": "22", "id_prefix": "FEDORA", "branch": "f22", "dist_tag": "f22", "stable_tag": "f22-updates", "testing_tag": "f22-updates-testing", "candidate_tag": "f22-updates-candidate", "pending_signing_tag": "", "pending_testing_tag": "f22-updates-testing-pending", "pending_stable_tag": "f22-updates-pending", "override_tag": "f22-override", "mail_template": "fedora_errata_template", "state": "archived", "composed_by_bodhi": true, "create_automatic_updates": null, "package_manager": "dnf", "testing_repository": "updates-testing", "released_on": null, "eol": null, "critpath_mandatory_days_in_testing": 14, "mandatory_days_in_testing": 7, "critpath_min_karma": 2, "min_karma": 1, "setting_status": null}, "user": {"name": "rbarlow", "email": "strava@electronsweatshop.com", "id": 897, "avatar": "https://seccdn.libravatar.org/avatar/dcf5c29d52584f9daa55c4ea01aa081f9514df135544af267c1a0b70fc948fcf?s=24&d=retro", "openid": "rbarlow.id.fedoraproject.org", "groups": [{"name": "packager"}]}, "comments": [{"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for testing by rbarlow. ", "timestamp": "2016-02-03 04:58:21", "update_id": 50012, "user_id": 91, "id": 385096, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to testing.", "timestamp": "2016-02-03 23:27:22", "update_id": 50012, "user_id": 91, "id": 385417, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes", "timestamp": "2016-02-11 00:00:19", "update_id": 50012, "user_id": 91, "id": 387963, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for stable by rbarlow. ", "timestamp": "2016-02-11 18:22:28", "update_id": 50012, "user_id": 91, "id": 388241, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to stable.", "timestamp": "2016-02-12 12:22:20", "update_id": 50012, "user_id": 91, "id": 388477, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}], "builds": [{"nvr": "python-pymongo-2.5.2-8.fc22", "signed": true, "release_id": 12, "type": "rpm", "epoch": null}], "bugs": [{"bug_id": 963260, "title": "CVE-2013-2099 python: ssl.match_hostname() DoS via certificates with specially crafted hostname wildcard patterns", "security": true, "parent": true, "feedback": []}, {"bug_id": 1224999, "title": "CVE-2013-7440 python: wildcard matching rules do not follow RFC 6125", "security": true, "parent": true, "feedback": []}, {"bug_id": 1231231, "title": "CVE-2013-7440 CVE-2013-2099 python-pymongo: various flaws [fedora-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 377303, "bug_id": 1231231, "comment": {"karma": -1, "karma_critpath": 0, "text": "Please do not push this update out to stable! pymongo version 3 is not backwards compatible and will break its dependent packages! Also, the CVE this addresses is extremely low impact and is highly unlikely to happen in the real world as CAs do not issue certificates like this.\n\nIf we want to fix the CVE, the correct thing to do is to backport a patch, not to raise the version in a way that breaks dependencies.", "timestamp": "2016-01-14 16:51:41", "update_id": 41084, "user_id": 897, "id": 377303, "testcase_feedback": [], "user": {"name": "rbarlow", "email": "strava@electronsweatshop.com", "id": 897, "avatar": "https://seccdn.libravatar.org/avatar/dcf5c29d52584f9daa55c4ea01aa081f9514df135544af267c1a0b70fc948fcf?s=24&d=retro", "openid": "rbarlow.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 377304, "bug_id": 1231231, "comment": {"karma": -1, "karma_critpath": 0, "text": "Please do not push this update out to stable! pymongo version 3 is not backwards compatible and will break its dependent packages! Also, the CVE this addresses is extremely low impact and is highly unlikely to happen in the real world as CAs do not issue certificates like this.\nIf we want to fix the CVE, the correct thing to do is to backport a patch, not to raise the version in a way that breaks dependencies.", "timestamp": "2016-01-14 16:53:16", "update_id": 41087, "user_id": 897, "id": 377304, "testcase_feedback": [], "user": {"name": "rbarlow", "email": "strava@electronsweatshop.com", "id": 897, "avatar": "https://seccdn.libravatar.org/avatar/dcf5c29d52584f9daa55c4ea01aa081f9514df135544af267c1a0b70fc948fcf?s=24&d=retro", "openid": "rbarlow.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 377313, "bug_id": 1231231, "comment": {"karma": -1, "karma_critpath": 0, "text": "Please do not push this update out to stable! pymongo version 3 is not backwards compatible and will break its dependent packages! Also, the CVE this addresses is extremely low impact and is highly unlikely to happen in the real world as CAs do not issue certificates like this. If we want to fix the CVE, the correct thing to do is to backport a patch, not to raise the version in a way that breaks dependencies.", "timestamp": "2016-01-14 16:58:27", "update_id": 41086, "user_id": 897, "id": 377313, "testcase_feedback": [], "user": {"name": "rbarlow", "email": "strava@electronsweatshop.com", "id": 897, "avatar": "https://seccdn.libravatar.org/avatar/dcf5c29d52584f9daa55c4ea01aa081f9514df135544af267c1a0b70fc948fcf?s=24&d=retro", "openid": "rbarlow.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 377314, "bug_id": 1231231, "comment": {"karma": -1, "karma_critpath": 0, "text": "Please do not push this update out to stable! pymongo version 3 is not backwards compatible and will break its dependent packages! Also, the CVE this addresses is extremely low impact and is highly unlikely to happen in the real world as CAs do not issue certificates like this. If we want to fix the CVE, the correct thing to do is to backport a patch, not to raise the version in a way that breaks dependencies.", "timestamp": "2016-01-14 16:58:46", "update_id": 41085, "user_id": 897, "id": 377314, "testcase_feedback": [], "user": {"name": "rbarlow", "email": "strava@electronsweatshop.com", "id": 897, "avatar": "https://seccdn.libravatar.org/avatar/dcf5c29d52584f9daa55c4ea01aa081f9514df135544af267c1a0b70fc948fcf?s=24&d=retro", "openid": "rbarlow.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 377316, "bug_id": 1231231, "comment": {"karma": 0, "karma_critpath": 0, "text": "dnf -C repoquery --whatrequires python-pymongo\nLast metadata expiration check performed 0:56:16 ago on Thu Jan 14 17:02:45 2016.\nmongodb-test-0:3.0.6-1.fc23.x86_64\nmongodb-test-0:3.0.7-1.fc23.x86_64\nopenstack-ceilometer-api-0:2015.1.1-1.fc23.noarch\nopenstack-ceilometer-collector-0:2015.1.1-1.fc23.noarch\nopenstack-marconi-0:2014.1-3.fc23.2.noarch\nopenstack-zaqar-0:2015.1.0-2.fc23.noarch\npython-mongoengine-0:0.8.4-1.fc21.noarch\npython-mongoengine-0:0.8.8-2.fc23.noarch\n\n\nNone of these packages were actually broken by this update, so why it got unpushed. Moreover, I let secteam evaluate severity, so please undo the unpush.", "timestamp": "2016-01-14 17:03:26", "update_id": 41084, "user_id": 222, "id": 377316, "testcase_feedback": [], "user": {"name": "hguemar", "email": "karlthered@gmail.com", "id": 222, "avatar": "https://seccdn.libravatar.org/avatar/21751e7ac6415a04d74130ce9b3235b7e41d8a15e71f7fc40c5bec45e493a516?s=24&d=retro", "openid": "hguemar.id.fedoraproject.org", "groups": [{"name": "provenpackager"}, {"name": "packager"}, {"name": "python-sig"}, {"name": "openstack-sig"}, {"name": "sig-storage"}, {"name": "gitbeefymiracle"}, {"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "python-packagers-sig"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "gitovirt"}, {"name": "fedora-contributor"}, {"name": "centosproject-email-aliases"}, {"name": "atomic-wg"}]}}}, {"karma": 0, "comment_id": 377320, "bug_id": 1231231, "comment": {"karma": 0, "karma_critpath": 0, "text": "@rbarlow: come with concrete examples where this update breaks package.", "timestamp": "2016-01-14 17:05:33", "update_id": 41087, "user_id": 222, "id": 377320, "testcase_feedback": [], "user": {"name": "hguemar", "email": "karlthered@gmail.com", "id": 222, "avatar": "https://seccdn.libravatar.org/avatar/21751e7ac6415a04d74130ce9b3235b7e41d8a15e71f7fc40c5bec45e493a516?s=24&d=retro", "openid": "hguemar.id.fedoraproject.org", "groups": [{"name": "provenpackager"}, {"name": "packager"}, {"name": "python-sig"}, {"name": "openstack-sig"}, {"name": "sig-storage"}, {"name": "gitbeefymiracle"}, {"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "python-packagers-sig"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "gitovirt"}, {"name": "fedora-contributor"}, {"name": "centosproject-email-aliases"}, {"name": "atomic-wg"}]}}}, {"karma": 0, "comment_id": 377322, "bug_id": 1231231, "comment": {"karma": 0, "karma_critpath": 0, "text": "@rbarlow: come with concrete examples where this update breaks any package. Openstack packages require v3.", "timestamp": "2016-01-14 17:07:05", "update_id": 41087, "user_id": 222, "id": 377322, "testcase_feedback": [], "user": {"name": "hguemar", "email": "karlthered@gmail.com", "id": 222, "avatar": "https://seccdn.libravatar.org/avatar/21751e7ac6415a04d74130ce9b3235b7e41d8a15e71f7fc40c5bec45e493a516?s=24&d=retro", "openid": "hguemar.id.fedoraproject.org", "groups": [{"name": "provenpackager"}, {"name": "packager"}, {"name": "python-sig"}, {"name": "openstack-sig"}, {"name": "sig-storage"}, {"name": "gitbeefymiracle"}, {"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "python-packagers-sig"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "gitovirt"}, {"name": "fedora-contributor"}, {"name": "centosproject-email-aliases"}, {"name": "atomic-wg"}]}}}, {"karma": 0, "comment_id": 377330, "bug_id": 1231231, "comment": {"karma": -1, "karma_critpath": 0, "text": "This update breaks Pulp, which depends on python-pymongo through python-mongoengine:\n\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1298427\n\nAlso, the CVE's impact is listed as low and taking advantage of it is listed as complex. These evaluations were made by the secteam.", "timestamp": "2016-01-14 18:43:11", "update_id": 41084, "user_id": 897, "id": 377330, "testcase_feedback": [], "user": {"name": "rbarlow", "email": "strava@electronsweatshop.com", "id": 897, "avatar": "https://seccdn.libravatar.org/avatar/dcf5c29d52584f9daa55c4ea01aa081f9514df135544af267c1a0b70fc948fcf?s=24&d=retro", "openid": "rbarlow.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 377332, "bug_id": 1231231, "comment": {"karma": -1, "karma_critpath": 0, "text": "This update breaks Pulp, which depends on python-pymongo through python-mongoengine:\n\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1298427\n\nAlso, the CVE's impact is listed as low and taking advantage of it is listed as complex. These evaluations were made by the secteam.", "timestamp": "2016-01-14 18:44:17", "update_id": 41087, "user_id": 897, "id": 377332, "testcase_feedback": [], "user": {"name": "rbarlow", "email": "strava@electronsweatshop.com", "id": 897, "avatar": "https://seccdn.libravatar.org/avatar/dcf5c29d52584f9daa55c4ea01aa081f9514df135544af267c1a0b70fc948fcf?s=24&d=retro", "openid": "rbarlow.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 377333, "bug_id": 1231231, "comment": {"karma": 0, "karma_critpath": 0, "text": "Furthermore, the backwards incompatibility of this change is well documented here and is extensive:\n\nhttps://api.mongodb.org/python/current/changelog.html#changes-in-version-3-0", "timestamp": "2016-01-14 18:46:03", "update_id": 41084, "user_id": 897, "id": 377333, "testcase_feedback": [], "user": {"name": "rbarlow", "email": "strava@electronsweatshop.com", "id": 897, "avatar": "https://seccdn.libravatar.org/avatar/dcf5c29d52584f9daa55c4ea01aa081f9514df135544af267c1a0b70fc948fcf?s=24&d=retro", "openid": "rbarlow.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 377334, "bug_id": 1231231, "comment": {"karma": 0, "karma_critpath": 0, "text": "Furthermore, the backwards incompatibility of this change is well documented here and is extensive:\n\nhttps://api.mongodb.org/python/current/changelog.html#changes-in-version-3-0", "timestamp": "2016-01-14 18:46:10", "update_id": 41087, "user_id": 897, "id": 377334, "testcase_feedback": [], "user": {"name": "rbarlow", "email": "strava@electronsweatshop.com", "id": 897, "avatar": "https://seccdn.libravatar.org/avatar/dcf5c29d52584f9daa55c4ea01aa081f9514df135544af267c1a0b70fc948fcf?s=24&d=retro", "openid": "rbarlow.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 377335, "bug_id": 1231231, "comment": {"karma": -1, "karma_critpath": 0, "text": "This update breaks Pulp, which depends on python-pymongo through python-mongoengine:\n\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1298427\n\nAlso, the CVE's impact is listed as low and taking advantage of it is listed as complex. These evaluations were made by the secteam.\n\nFurthermore, the backwards incompatibility of this change is well documented here and is extensive:\n\nhttps://api.mongodb.org/python/current/changelog.html#changes-in-version-3-0", "timestamp": "2016-01-14 18:46:51", "update_id": 41086, "user_id": 897, "id": 377335, "testcase_feedback": [], "user": {"name": "rbarlow", "email": "strava@electronsweatshop.com", "id": 897, "avatar": "https://seccdn.libravatar.org/avatar/dcf5c29d52584f9daa55c4ea01aa081f9514df135544af267c1a0b70fc948fcf?s=24&d=retro", "openid": "rbarlow.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 377337, "bug_id": 1231231, "comment": {"karma": 0, "karma_critpath": 0, "text": "Furthermore, the backwards incompatibility of this change is well documented here and is extensive:\n\nhttps://api.mongodb.org/python/current/changelog.html#changes-in-version-3-0", "timestamp": "2016-01-14 18:49:33", "update_id": 41085, "user_id": 897, "id": 377337, "testcase_feedback": [], "user": {"name": "rbarlow", "email": "strava@electronsweatshop.com", "id": 897, "avatar": "https://seccdn.libravatar.org/avatar/dcf5c29d52584f9daa55c4ea01aa081f9514df135544af267c1a0b70fc948fcf?s=24&d=retro", "openid": "rbarlow.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 377339, "bug_id": 1231231, "comment": {"karma": -1, "karma_critpath": 0, "text": "As observed by rbarlow, this would break potentially a lot of projects; anyone who uses pymongo in fedora.", "timestamp": "2016-01-14 18:58:22", "update_id": 41084, "user_id": 1884, "id": 377339, "testcase_feedback": [], "user": {"name": "mhrivnak", "email": "mhrivnak@redhat.com", "id": 1884, "avatar": "https://seccdn.libravatar.org/avatar/b67bbd5503734ef6ec9d0223a1e04e3ef82381942dc7a098ad2c786b94fbe7a7?s=24&d=retro", "openid": "mhrivnak.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 377340, "bug_id": 1231231, "comment": {"karma": -1, "karma_critpath": 0, "text": "As observed by rbarlow, this would break potentially a lot of projects; anyone who uses pymongo in fedora.", "timestamp": "2016-01-14 18:58:31", "update_id": 41087, "user_id": 1884, "id": 377340, "testcase_feedback": [], "user": {"name": "mhrivnak", "email": "mhrivnak@redhat.com", "id": 1884, "avatar": "https://seccdn.libravatar.org/avatar/b67bbd5503734ef6ec9d0223a1e04e3ef82381942dc7a098ad2c786b94fbe7a7?s=24&d=retro", "openid": "mhrivnak.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 377341, "bug_id": 1231231, "comment": {"karma": -1, "karma_critpath": 0, "text": "", "timestamp": "2016-01-14 18:58:56", "update_id": 41086, "user_id": 2383, "id": 377341, "testcase_feedback": [], "user": {"name": "jcline", "email": "jeremy@jcline.org", "id": 2383, "avatar": "https://seccdn.libravatar.org/avatar/1a108f46a960aa35efcabd0b779cd59b8c3aba2927213fe63373921e1aa3fac4?s=24&d=retro", "openid": "jcline.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "communishift"}, {"name": "erlang"}, {"name": "erlang-maint-sig"}, {"name": "cloud-sig"}]}}}, {"karma": 0, "comment_id": 377342, "bug_id": 1231231, "comment": {"karma": -1, "karma_critpath": 0, "text": "As observed by rbarlow, this would break potentially a lot of projects; anyone who uses pymongo in epel.", "timestamp": "2016-01-14 18:58:54", "update_id": 41086, "user_id": 1884, "id": 377342, "testcase_feedback": [], "user": {"name": "mhrivnak", "email": "mhrivnak@redhat.com", "id": 1884, "avatar": "https://seccdn.libravatar.org/avatar/b67bbd5503734ef6ec9d0223a1e04e3ef82381942dc7a098ad2c786b94fbe7a7?s=24&d=retro", "openid": "mhrivnak.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 377343, "bug_id": 1231231, "comment": {"karma": -1, "karma_critpath": 0, "text": "", "timestamp": "2016-01-14 18:59:11", "update_id": 41084, "user_id": 2383, "id": 377343, "testcase_feedback": [], "user": {"name": "jcline", "email": "jeremy@jcline.org", "id": 2383, "avatar": "https://seccdn.libravatar.org/avatar/1a108f46a960aa35efcabd0b779cd59b8c3aba2927213fe63373921e1aa3fac4?s=24&d=retro", "openid": "jcline.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "communishift"}, {"name": "erlang"}, {"name": "erlang-maint-sig"}, {"name": "cloud-sig"}]}}}, {"karma": 0, "comment_id": 377344, "bug_id": 1231231, "comment": {"karma": -1, "karma_critpath": 0, "text": "", "timestamp": "2016-01-14 18:59:18", "update_id": 41087, "user_id": 2383, "id": 377344, "testcase_feedback": [], "user": {"name": "jcline", "email": "jeremy@jcline.org", "id": 2383, "avatar": "https://seccdn.libravatar.org/avatar/1a108f46a960aa35efcabd0b779cd59b8c3aba2927213fe63373921e1aa3fac4?s=24&d=retro", "openid": "jcline.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "communishift"}, {"name": "erlang"}, {"name": "erlang-maint-sig"}, {"name": "cloud-sig"}]}}}, {"karma": 0, "comment_id": 377351, "bug_id": 1231231, "comment": {"karma": -1, "karma_critpath": 0, "text": "Per the update policy, under the \"Philosophy\" section,\n\n\"Releases of the Fedora distribution are like releases of the individual packages that compose it. A major version number reflects a more-or-less stable set of features and functionality. As a result, we should avoid major updates of packages within a stable release. Updates should aim to fix bugs, and not introduce features, particularly when those features would materially affect the user or developer experience. The update rate for any given release should drop off over time, approaching zero near release end-of-life; since updates are primarily bugfixes, fewer and fewer should be needed over time.\"\n\nhttps://fedoraproject.org/wiki/Updates_Policy\n\nThis is a major version update of the package, breaking backwards compatibility with the previous major version.  I suggest finding an alternate solution.  \n\nIt is already noted here that this will break functionality for one package (Pulp)", "timestamp": "2016-01-14 19:16:28", "update_id": 41087, "user_id": 2279, "id": 377351, "testcase_feedback": [], "user": {"name": "pcreech17", "email": "pcreech@redhat.com", "id": 2279, "avatar": "https://seccdn.libravatar.org/avatar/395a3a7b34a4f0e3e5e1aa1ee8671153553739cfe10e0e5293a9cac78751795b?s=24&d=retro", "openid": "pcreech17.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 377352, "bug_id": 1231231, "comment": {"karma": -1, "karma_critpath": 0, "text": "Per the update policy, under the \"Philosophy\" section,\n\"Releases of the Fedora distribution are like releases of the individual packages that compose it. A major version number reflects a more-or-less stable set of features and functionality. As a result, we should avoid major updates of packages within a stable release. Updates should aim to fix bugs, and not introduce features, particularly when those features would materially affect the user or developer experience. The update rate for any given release should drop off over time, approaching zero near release end-of-life; since updates are primarily bugfixes, fewer and fewer should be needed over time.\"\nhttps://fedoraproject.org/wiki/Updates_Policy\nThis is a major version update of the package, breaking backwards compatibility with the previous major version. I suggest finding an alternate solution.\nIt is already noted here that this will break functionality for one package (Pulp)", "timestamp": "2016-01-14 19:17:32", "update_id": 41086, "user_id": 2279, "id": 377352, "testcase_feedback": [], "user": {"name": "pcreech17", "email": "pcreech@redhat.com", "id": 2279, "avatar": "https://seccdn.libravatar.org/avatar/395a3a7b34a4f0e3e5e1aa1ee8671153553739cfe10e0e5293a9cac78751795b?s=24&d=retro", "openid": "pcreech17.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 377353, "bug_id": 1231231, "comment": {"karma": -1, "karma_critpath": 0, "text": "Per the update policy, under the \"Philosophy\" section,\n\"Releases of the Fedora distribution are like releases of the individual packages that compose it. A major version number reflects a more-or-less stable set of features and functionality. As a result, we should avoid major updates of packages within a stable release. Updates should aim to fix bugs, and not introduce features, particularly when those features would materially affect the user or developer experience. The update rate for any given release should drop off over time, approaching zero near release end-of-life; since updates are primarily bugfixes, fewer and fewer should be needed over time.\"\nhttps://fedoraproject.org/wiki/Updates_Policy\nThis is a major version update of the package, breaking backwards compatibility with the previous major version. I suggest finding an alternate solution.\nIt is already noted here that this will break functionality for one package (Pulp)", "timestamp": "2016-01-14 19:18:01", "update_id": 41085, "user_id": 2279, "id": 377353, "testcase_feedback": [], "user": {"name": "pcreech17", "email": "pcreech@redhat.com", "id": 2279, "avatar": "https://seccdn.libravatar.org/avatar/395a3a7b34a4f0e3e5e1aa1ee8671153553739cfe10e0e5293a9cac78751795b?s=24&d=retro", "openid": "pcreech17.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 377354, "bug_id": 1231231, "comment": {"karma": -1, "karma_critpath": 0, "text": "Per the update policy, under the \"Philosophy\" section,\n\"Releases of the Fedora distribution are like releases of the individual packages that compose it. A major version number reflects a more-or-less stable set of features and functionality. As a result, we should avoid major updates of packages within a stable release. Updates should aim to fix bugs, and not introduce features, particularly when those features would materially affect the user or developer experience. The update rate for any given release should drop off over time, approaching zero near release end-of-life; since updates are primarily bugfixes, fewer and fewer should be needed over time.\"\nhttps://fedoraproject.org/wiki/Updates_Policy\nThis is a major version update of the package, breaking backwards compatibility with the previous major version. I suggest finding an alternate solution.\nIt is already noted here that this will break functionality for one package (Pulp)", "timestamp": "2016-01-14 19:18:36", "update_id": 41084, "user_id": 2279, "id": 377354, "testcase_feedback": [], "user": {"name": "pcreech17", "email": "pcreech@redhat.com", "id": 2279, "avatar": "https://seccdn.libravatar.org/avatar/395a3a7b34a4f0e3e5e1aa1ee8671153553739cfe10e0e5293a9cac78751795b?s=24&d=retro", "openid": "pcreech17.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 377563, "bug_id": 1231231, "comment": {"karma": 0, "karma_critpath": 0, "text": "stop messing w/ my update, besides pulp is not in fedora repositories. Until now, it broke no fedora packages.", "timestamp": "2016-01-15 12:16:16", "update_id": 41084, "user_id": 222, "id": 377563, "testcase_feedback": [], "user": {"name": "hguemar", "email": "karlthered@gmail.com", "id": 222, "avatar": "https://seccdn.libravatar.org/avatar/21751e7ac6415a04d74130ce9b3235b7e41d8a15e71f7fc40c5bec45e493a516?s=24&d=retro", "openid": "hguemar.id.fedoraproject.org", "groups": [{"name": "provenpackager"}, {"name": "packager"}, {"name": "python-sig"}, {"name": "openstack-sig"}, {"name": "sig-storage"}, {"name": "gitbeefymiracle"}, {"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "python-packagers-sig"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "gitovirt"}, {"name": "fedora-contributor"}, {"name": "centosproject-email-aliases"}, {"name": "atomic-wg"}]}}}, {"karma": 0, "comment_id": 377567, "bug_id": 1231231, "comment": {"karma": 0, "karma_critpath": 0, "text": "Stop messing w/ updates, this is the first time, pulp has been mentioned and it's not even in Fedora repository.\nIt ain't breaking Fedora policy for EL7 and F23.\n\nI compromise w/ F22 and older. As per your advice, find another solution.", "timestamp": "2016-01-15 12:18:04", "update_id": 41086, "user_id": 222, "id": 377567, "testcase_feedback": [], "user": {"name": "hguemar", "email": "karlthered@gmail.com", "id": 222, "avatar": "https://seccdn.libravatar.org/avatar/21751e7ac6415a04d74130ce9b3235b7e41d8a15e71f7fc40c5bec45e493a516?s=24&d=retro", "openid": "hguemar.id.fedoraproject.org", "groups": [{"name": "provenpackager"}, {"name": "packager"}, {"name": "python-sig"}, {"name": "openstack-sig"}, {"name": "sig-storage"}, {"name": "gitbeefymiracle"}, {"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "python-packagers-sig"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "gitovirt"}, {"name": "fedora-contributor"}, {"name": "centosproject-email-aliases"}, {"name": "atomic-wg"}]}}}, {"karma": 0, "comment_id": 377572, "bug_id": 1231231, "comment": {"karma": 0, "karma_critpath": 0, "text": "Pulp is not in Fedora => no obligation to fix it, this update has sit down for 3 months.\nThis packages do fix issues w/ packages that are in Fedora repositories so if you badly need pymongo v2 JUST SUBMIT A GOODAMN COMPAT PACKAGE.\n\nYou never reached me out until now, so don't revoke updates on your own.", "timestamp": "2016-01-15 12:29:30", "update_id": 41084, "user_id": 222, "id": 377572, "testcase_feedback": [], "user": {"name": "hguemar", "email": "karlthered@gmail.com", "id": 222, "avatar": "https://seccdn.libravatar.org/avatar/21751e7ac6415a04d74130ce9b3235b7e41d8a15e71f7fc40c5bec45e493a516?s=24&d=retro", "openid": "hguemar.id.fedoraproject.org", "groups": [{"name": "provenpackager"}, {"name": "packager"}, {"name": "python-sig"}, {"name": "openstack-sig"}, {"name": "sig-storage"}, {"name": "gitbeefymiracle"}, {"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "python-packagers-sig"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "gitovirt"}, {"name": "fedora-contributor"}, {"name": "centosproject-email-aliases"}, {"name": "atomic-wg"}]}}}, {"karma": 0, "comment_id": 377577, "bug_id": 1231231, "comment": {"karma": 0, "karma_critpath": 0, "text": "If pulp developers continue interfering w/ Fedora updates, I'm considering to raise this to Fesco.", "timestamp": "2016-01-15 12:42:07", "update_id": 41084, "user_id": 222, "id": 377577, "testcase_feedback": [], "user": {"name": "hguemar", "email": "karlthered@gmail.com", "id": 222, "avatar": "https://seccdn.libravatar.org/avatar/21751e7ac6415a04d74130ce9b3235b7e41d8a15e71f7fc40c5bec45e493a516?s=24&d=retro", "openid": "hguemar.id.fedoraproject.org", "groups": [{"name": "provenpackager"}, {"name": "packager"}, {"name": "python-sig"}, {"name": "openstack-sig"}, {"name": "sig-storage"}, {"name": "gitbeefymiracle"}, {"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "python-packagers-sig"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "gitovirt"}, {"name": "fedora-contributor"}, {"name": "centosproject-email-aliases"}, {"name": "atomic-wg"}]}}}, {"karma": 0, "comment_id": 377582, "bug_id": 1231231, "comment": {"karma": 0, "karma_critpath": 0, "text": "Seems that pulp has been added to Fedora recently and is only available in rawhide. So basically this is still a non-issue for updates/", "timestamp": "2016-01-15 12:45:28", "update_id": 41084, "user_id": 222, "id": 377582, "testcase_feedback": [], "user": {"name": "hguemar", "email": "karlthered@gmail.com", "id": 222, "avatar": "https://seccdn.libravatar.org/avatar/21751e7ac6415a04d74130ce9b3235b7e41d8a15e71f7fc40c5bec45e493a516?s=24&d=retro", "openid": "hguemar.id.fedoraproject.org", "groups": [{"name": "provenpackager"}, {"name": "packager"}, {"name": "python-sig"}, {"name": "openstack-sig"}, {"name": "sig-storage"}, {"name": "gitbeefymiracle"}, {"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "python-packagers-sig"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "gitovirt"}, {"name": "fedora-contributor"}, {"name": "centosproject-email-aliases"}, {"name": "atomic-wg"}]}}}, {"karma": 0, "comment_id": 377584, "bug_id": 1231231, "comment": {"karma": 0, "karma_critpath": 0, "text": "pulp is not in F22", "timestamp": "2016-01-15 12:47:34", "update_id": 41087, "user_id": 222, "id": 377584, "testcase_feedback": [], "user": {"name": "hguemar", "email": "karlthered@gmail.com", "id": 222, "avatar": "https://seccdn.libravatar.org/avatar/21751e7ac6415a04d74130ce9b3235b7e41d8a15e71f7fc40c5bec45e493a516?s=24&d=retro", "openid": "hguemar.id.fedoraproject.org", "groups": [{"name": "provenpackager"}, {"name": "packager"}, {"name": "python-sig"}, {"name": "openstack-sig"}, {"name": "sig-storage"}, {"name": "gitbeefymiracle"}, {"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "python-packagers-sig"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "gitovirt"}, {"name": "fedora-contributor"}, {"name": "centosproject-email-aliases"}, {"name": "atomic-wg"}]}}}, {"karma": 0, "comment_id": 377588, "bug_id": 1231231, "comment": {"karma": -1, "karma_critpath": 0, "text": "This is inappropriate. The update policy does not say that it only applies for dependencies that are in Fedora - you are NOT to make backwards incompatible changes. Many projects depend on the distribution to be stable. Do not push this change again.", "timestamp": "2016-01-15 13:05:01", "update_id": 41087, "user_id": 897, "id": 377588, "testcase_feedback": [], "user": {"name": "rbarlow", "email": "strava@electronsweatshop.com", "id": 897, "avatar": "https://seccdn.libravatar.org/avatar/dcf5c29d52584f9daa55c4ea01aa081f9514df135544af267c1a0b70fc948fcf?s=24&d=retro", "openid": "rbarlow.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 377589, "bug_id": 1231231, "comment": {"karma": -1, "karma_critpath": 0, "text": "This is inappropriate. The update policy does not say that it only applies for dependencies that are in Fedora - you are NOT to make backwards incompatible changes. Many projects depend on the distribution to be stable. Do not push this change again.", "timestamp": "2016-01-15 13:05:31", "update_id": 41086, "user_id": 897, "id": 377589, "testcase_feedback": [], "user": {"name": "rbarlow", "email": "strava@electronsweatshop.com", "id": 897, "avatar": "https://seccdn.libravatar.org/avatar/dcf5c29d52584f9daa55c4ea01aa081f9514df135544af267c1a0b70fc948fcf?s=24&d=retro", "openid": "rbarlow.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 377590, "bug_id": 1231231, "comment": {"karma": 0, "karma_critpath": 0, "text": "This is inappropriate. The update policy does not say that it only applies for dependencies that are in Fedora - you are NOT to make backwards incompatible changes. Many projects depend on the distribution to be stable. Do not push this change again.", "timestamp": "2016-01-15 13:05:49", "update_id": 41084, "user_id": 897, "id": 377590, "testcase_feedback": [], "user": {"name": "rbarlow", "email": "strava@electronsweatshop.com", "id": 897, "avatar": "https://seccdn.libravatar.org/avatar/dcf5c29d52584f9daa55c4ea01aa081f9514df135544af267c1a0b70fc948fcf?s=24&d=retro", "openid": "rbarlow.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}]}], "updateid": "FEDORA-2016-52b294538d", "karma": 0, "content_type": "rpm", "test_cases": []}, "can_edit": false, "ci_allowed": false}