Correcting the priority from 60/40 to Normal

Should be fixed by removing pytz from our repositories.

I've disabled registration.

In T4049#62669, @vanmeeuwen wrote:

As the 750+ packages are now rebuilding, I'm going to declare this issue as resolved. Please reopen / create a new ticket should some discrepancies persist.

Quick question, why is it enabled that users can register on the OBS.

Maybe if you disable gmail, facebook, etc. user login ... as a work around...

Cross-compiling won't work? That how e.g. most Android arm applications are compiled.

The manticore project didn't seem to get built, so "setup-kolab manticore" (referenced on https://docs.kolab.org/upgrade-guide/kolab-16.html) gives:

There's very little chance of Kolab being built on our end, for these architectures.

As the 750+ packages are now rebuilding, I'm going to declare this issue as resolved. Please reopen / create a new ticket should some discrepancies persist.

Now that we have the GPG key thing in the OBS sorted, perhaps it is time to rebuild all of Kolab:16 indeed, and refresh what is referred to as community.asc.

\o/

Alternatively /invite Sigyn and make it an op, that's what we did in the SuperTuxKart channel. Also we auto-give voice after about 20 seconds using a bot, Sigyn will kill the bots before that.

So, that got poked in the face... Happy bug-hunting!

One last item to fix: the link behind the download button.

I don't remember where to do this in a way that fixes it permanently, so I've hot-fixed it.

Disabled registration through third part providers, disabled trusting email addresses associated with those providers.

We currently have a problem with the OTP-20 compatibility of most of the erlang packages. Who would have guessed?

The channel mode has been set to +C +r +s, which should put an end to the spamming.

I don't know what to do about it, to be honest. There doesn't seem to be any modules or settings that protect against this type of thing, as far as I could find.

Bumping priority. Sorry, but this is ridiculous and needs to be resolved NOW, along with T4067 and T4262.

Thanks!

Raising priority. Come on, please fix this - it's ridiculous!

This is now a work in progress. The repository is there (in Winterfell), but not all packages build correctly so far.

Any updates on this?

Fixed. Thanks for the report.

Duplicate of T4049.

As suggested by Jeroen on IRC, I have created a separate account @sicherha-admin. Please give that account permission to battle the bad guys. ;-)

... aaand the next wave has hit.

It just happened again...

Also, the download button points to https://git.kolab.org/tag/bug_reports/ while the image to its left directs to the correct URL.

Just search for tickets with "china".

May I have a reference?

If somebody from Kolab Systems kindly prepares and fills the Ubuntu:18.04 repository in OBS (which is something I don't have the privileges for), I'd be happy to pull the appropriate levers to get the packages to build.

By the way, OBS has an unfortunate tendency to get stuck when a lot of build jobs exist - such as right now. Maybe that issue is fixed in a newer OBS version as well?

Unfortunately it doesn't. I agree that using HTTPS should mitigate the MitM risk, but I still have to explicitly mark the repository as trusted for APT to accept it.

The weakness in SHA1 is a collision risk, not an active compromise vector.

Playing around with a custom-created key (osc signkey --create home:sicherha:Testproject) still yields a repository signed with SHA1 only.