| [11:14:40] | * theMusician has joined #aegir |
| [11:42:48] | * theMusician has quit (Quit: theMusician) |
| [16:23:48] | * ybabel has joined #aegir |
| [22:02:59] | * noecc has joined #aegir |
| [00:16:00] | <helmo42[m]> | hefring: tell kavi problem solved: https://www.drupal.org/project/hosting_git/issues/2960635 |
| [00:16:00] | <hefring> | https://www.drupal.org/project/hosting_git/issues/2960635 => Fix permissmion names [#2960635] => 4 comments, 1 IRC mention |
| [00:16:00] | <hefring> | helmo42[m]: I'll pass that on when kavi is around. |
| [00:17:46] | <helmo42[m]> | jonpugh: ^^ might affect you too |
| [01:45:46] | * realityloop has joined #aegir |
| [02:00:29] | * ybabel has quit (Quit: ybabel) |
| [02:07:39] | * realityloop has quit (Quit: Leaving..) |
| [04:36:53] | * TaoStyle has joined #aegir |
| [04:44:52] | * TaoStyle has quit (Quit: leaving) |
| [04:59:48] | * noecc has left #aegir ("pax") |
| [05:45:17] | <jonpugh> | helmo42[m]: sorry for the late patch, but I've received some mitigating config for apache/nginx from _mig5, we should probably do another release asap |
| [05:46:18] | <jonpugh> | It's looking pretty bad https://twitter.com/greg_1_anderson/status/984797182653026304 |
| [05:51:29] | <helmo42[m]> | jonpugh: I'm not following ... do you have a link? |
| [05:51:38] | <jonpugh> | yes |
| [05:56:26] | <jonpugh> | memtkmcc: are you around? |
| [05:56:30] | <jonpugh> | can you review the nginx? |
| [06:24:53] | <helmo42[m]> | colan: can you review the nginx part of https://www.drupal.org/project/provision/issues/2960825 |
| [06:24:54] | <hefring> | https://www.drupal.org/project/provision/issues/2960825 => Add apache/nginx config to mitigate SA-CORE-2018-002 [#2960825] => 3 comments, 1 IRC mention |
| [06:26:10] | <jonpugh> | helmo42[m]: I am going to tweet from aegirproject with the config in this gist: https://gist.github.com/jonpugh/88cfb0aad1ef18c0016486557fcb28fe |
| [06:26:38] | <jonpugh> | I don't think we should wait any longer, security team gave me permission to release and the source that wrote this is trusted |
| [06:27:25] | <helmo42[m]> | Can we add a line that patching the Drupal sites is still the preferred option ? |
| [06:28:28] | <colan> | helmo42: jonpugh I should be able to take a look later tonight, but that patch there appears to be empty?? Should I just look at the commit? |
| [06:28:39] | <jonpugh> | oh sure |
| [06:28:42] | <jonpugh> | sorry |
| [06:28:47] | <jonpugh> | just look at the commit |
| [06:28:53] | <jonpugh> | the less this stuff is around the better, anyway |
| [06:29:29] | <jonpugh> | helmo42[m]: sure, always update your sites |
| [06:29:38] | <jonpugh> | I'll update the gist |
| [06:29:40] | <colan> | jonpugh: did you put a / in the file name maybe? |
| [06:30:03] | <jonpugh> | nope forgot the branch :) |
| [06:30:04] | <jonpugh> | git diff > 2960825-mitigation.patch |
| [06:30:49] | <jonpugh> | ok colan updated |
| [06:45:41] | <helmo42[m]> | I think the snippit needs to be in the vhost instead |
| [06:52:32] | <jonpugh> | for which, apache or nginx or both? |
| [06:52:45] | <helmo42[m]> | apache |
| [06:52:55] | <jonpugh> | doh |
| [06:58:11] | <helmo42[m]> | I just updated the branch for apache ... but for the vhost we also have a template in h_https :( |
| [06:58:33] | <jonpugh> | Ah right |
| [06:59:07] | <jonpugh> | We need to test nginx conf too... I have to go feed the family now, though |
| [06:59:38] | <helmo42[m]> | I also have to go soon .. but will do one last apach test |
| [07:01:01] | <colan> | we can pick this up tomorrow; my work day's running out too. |
| [07:05:16] | <helmo42[m]> | not sure how much time I can find but I'll check in tomorror ... apache patch for hosting_https is in the issue now. |
| [07:52:44] | * Yaazkal has joined #aegir |
| [08:49:13] | <colan> | anyone else running into this? https://www.drupal.org/project/grn/issues/2960856 |
| [08:49:13] | <hefring> | https://www.drupal.org/project/grn/issues/2960856 => cgit URLs are wrong, results in "No repositories found" [#2960856] => 0 comments, 1 IRC mention |
