Abuse filter log

From Gentoo Wiki
Abuse Filter navigation (Home | Recent filter changes | Examine past edits | Abuse log)
Jump to:navigation Jump to:search
Details for log entry 2,917

19:35, 13 January 2021: Bman (talk | contribs) triggered filter 15, performing the action "edit" on Project:LibreSSL. Actions taken: Tag; Filter description: Removed Project Member (examine)

Changes made in edit

 
|Role=Developer
 
|Role=Developer
 
|IsLead=Yes
 
|IsLead=Yes
}}{{Project Member
 
|Developer=User:Bman
 
|Role=Developer
 
|IsLead=No
 
 
}}{{Project Member
 
}}{{Project Member
 
|Developer=User:Zx2c4
 
|Developer=User:Zx2c4

Action parameters

VariableValue
Edit count of the user (user_editcount)
62
Name of the user account (user_name)
'Bman'
Age of the user account (user_age)
185742413
Page ID (page_id)
163754
Page namespace (page_namespace)
510
Page title (without namespace) (page_title)
'LibreSSL'
Full page title (page_prefixedtitle)
'Project:LibreSSL'
Action (action)
'edit'
Edit summary/reason (summary)
''
Old content model (old_content_model)
'wikitext'
New content model (new_content_model)
'wikitext'
Old page wikitext, before the edit (old_wikitext)
'{{Project |Name=LibreSSL |Description=LibreSSL is a fork of, and drop in replacement for OpenSSL. Primary development is done in OpenBSD, but it is ported to Linux as well. The LibreSSL project aims to bring support for this alternative SSL provider to Gentoo Linux. |Email=libressl@gentoo.org |IRC=#gentoo-libressl |ParentProject=Project:Gentoo |PropagatesMembers=No |LeadElectionDate=2019/04/17 |Members={{Project Member |Developer=User:Blueness |Role=Developer |IsLead=Yes }}{{Project Member |Developer=User:Bman |Role=Developer |IsLead=No }}{{Project Member |Developer=User:Zx2c4 |Role=Developer |IsLead=No }}{{Project Member |Developer=User:Soap |Role=Developer |IsLead=No }}{{Project Member |Developer=User:Steils |Role=Developer |IsLead=No }}{{Project Member |IsLead=No }} }} {{Warning|As of 2021-02-01, [https://www.gentoo.org/support/news-items/2021-01-05-libressl-support-discontinued.html LibreSSL will no longer be officially supported in Gentoo]. It will still be possible to use LibreSSL to some degree after this date but migration to OpenSSL is strongly recommended. The interested users will continue the development of unofficial LibreSSL support in the [https://gitweb.gentoo.org/repo/proj/libressl.git/tree/README.md LibreSSL overlay].}} [http://www.libressl.org/ LibreSSL] is a fork of, and drop-in replacement for [http://openssl.org/ OpenSSL]. It was originally a response to the infamous [http://heartbleed.com/ heartbleed] vulnerability, which was a serious security flaw in one of the most popular SSL providers in use. So, some OpenBSD developers decided that they would fork in order to "modernize the codebase, improve security, and apply best practice development processes." While LibreSSL has not been without its own vulnerabilities (see below), some of which it shared with OpenSSL, there has been improvements with its emphasis on security. For example, the LibreSSL team's response to the [https://en.wikipedia.org/wiki/POODLE POODLE] vulnerability was to disable the use of SSL 3.0 by default. LibreSSL is not without its criticisms, however. Despite the fact that LibreSSL has as a stated goal complete API compatibility with OpenSSL, as a fork, its ABI may diverge over time, creating subtle incompatibility as a simple drop-in replacement. This is worse than some package simply not build against LibreSSL. Rather, a package built against OpenSSL may later link and run against LibreSSL, should one library be replaced with the other, but that package may misbehave. The size of some struct be off by a few bytes, or the parameters of some function might not align in the same way. This in turn can lead to unpredictable behavior, crashes or worse, exploits. So LibreSSL has been criticized for using the same library file name and even the same SONAME as OpenSSL. So the project of porting LibreSSL to Gentoo must not be ignorant of the possible (inevitable?) ABI incompatibilities between the two. We cannot support a system where one can just switch between OpenSSL and LibreSSL without subsequently rebuilding their dependencies to make sure any ABI incompatibilities are addressed. https://github.com/gentoo/libressl * [https://wiki.freebsd.org/LibreSSL FreeBSD Port of LibreSSL] * [https://flameeyes.blog/2014/07/libressl-drop-in-and-abi-leakage ABI Leakage] * [https://wiki.freebsd.org/LibreSSL/History List of LibreSSL Releases and Vulnerabilities] * [https://www.openssl.org/news/vulnerabilities.html List of OpenSSL Vulnerabilities]'
New page wikitext, after the edit (new_wikitext)
'{{Project |Name=LibreSSL |Description=LibreSSL is a fork of, and drop in replacement for OpenSSL. Primary development is done in OpenBSD, but it is ported to Linux as well. The LibreSSL project aims to bring support for this alternative SSL provider to Gentoo Linux. |Email=libressl@gentoo.org |IRC=#gentoo-libressl |ParentProject=Project:Gentoo |PropagatesMembers=No |LeadElectionDate=2019/04/17 |Members={{Project Member |Developer=User:Blueness |Role=Developer |IsLead=Yes }}{{Project Member |Developer=User:Zx2c4 |Role=Developer |IsLead=No }}{{Project Member |Developer=User:Soap |Role=Developer |IsLead=No }}{{Project Member |Developer=User:Steils |Role=Developer |IsLead=No }}{{Project Member |IsLead=No }} }} {{Warning|As of 2021-02-01, [https://www.gentoo.org/support/news-items/2021-01-05-libressl-support-discontinued.html LibreSSL will no longer be officially supported in Gentoo]. It will still be possible to use LibreSSL to some degree after this date but migration to OpenSSL is strongly recommended. The interested users will continue the development of unofficial LibreSSL support in the [https://gitweb.gentoo.org/repo/proj/libressl.git/tree/README.md LibreSSL overlay].}} [http://www.libressl.org/ LibreSSL] is a fork of, and drop-in replacement for [http://openssl.org/ OpenSSL]. It was originally a response to the infamous [http://heartbleed.com/ heartbleed] vulnerability, which was a serious security flaw in one of the most popular SSL providers in use. So, some OpenBSD developers decided that they would fork in order to "modernize the codebase, improve security, and apply best practice development processes." While LibreSSL has not been without its own vulnerabilities (see below), some of which it shared with OpenSSL, there has been improvements with its emphasis on security. For example, the LibreSSL team's response to the [https://en.wikipedia.org/wiki/POODLE POODLE] vulnerability was to disable the use of SSL 3.0 by default. LibreSSL is not without its criticisms, however. Despite the fact that LibreSSL has as a stated goal complete API compatibility with OpenSSL, as a fork, its ABI may diverge over time, creating subtle incompatibility as a simple drop-in replacement. This is worse than some package simply not build against LibreSSL. Rather, a package built against OpenSSL may later link and run against LibreSSL, should one library be replaced with the other, but that package may misbehave. The size of some struct be off by a few bytes, or the parameters of some function might not align in the same way. This in turn can lead to unpredictable behavior, crashes or worse, exploits. So LibreSSL has been criticized for using the same library file name and even the same SONAME as OpenSSL. So the project of porting LibreSSL to Gentoo must not be ignorant of the possible (inevitable?) ABI incompatibilities between the two. We cannot support a system where one can just switch between OpenSSL and LibreSSL without subsequently rebuilding their dependencies to make sure any ABI incompatibilities are addressed. https://github.com/gentoo/libressl * [https://wiki.freebsd.org/LibreSSL FreeBSD Port of LibreSSL] * [https://flameeyes.blog/2014/07/libressl-drop-in-and-abi-leakage ABI Leakage] * [https://wiki.freebsd.org/LibreSSL/History List of LibreSSL Releases and Vulnerabilities] * [https://www.openssl.org/news/vulnerabilities.html List of OpenSSL Vulnerabilities]'
Unified diff of changes made by edit (edit_diff)
'@@ -11,8 +11,4 @@ |Role=Developer |IsLead=Yes -}}{{Project Member -|Developer=User:Bman -|Role=Developer -|IsLead=No }}{{Project Member |Developer=User:Zx2c4 '
Old page size (old_size)
3493
Lines added in edit (added_lines)
[]
Lines removed in edit (removed_lines)
[ 0 => '}}{{Project Member', 1 => '|Developer=User:Bman', 2 => '|Role=Developer', 3 => '|IsLead=No' ]
New page text, stripped of any markup (new_text)
' LibreSSL Description LibreSSL is a fork of, and drop in replacement for OpenSSL. Primary development is done in OpenBSD, but it is ported to Linux as well. The LibreSSL project aims to bring support for this alternative SSL provider to Gentoo Linux. Project email libressl@gentoo.org IRC channel #gentoo-libressl Lead(s) Anthony G. Basile (blueness)Developer Last elected: 2019/04/17 Member(s) Aaron Bauman (bman)DeveloperDavid Seifert (soap)DeveloperStefan Strogin (steils)DeveloperJason A. Donenfeld (zx2c4)Developer Subproject(s)(and inherited member(s)) (none) Parent Project Gentoo Project listing WarningAs of 2021-02-01, LibreSSL will no longer be officially supported in Gentoo. It will still be possible to use LibreSSL to some degree after this date but migration to OpenSSL is strongly recommended. The interested users will continue the development of unofficial LibreSSL support in the LibreSSL overlay. LibreSSL is a fork of, and drop-in replacement for OpenSSL. It was originally a response to the infamous heartbleed vulnerability, which was a serious security flaw in one of the most popular SSL providers in use. So, some OpenBSD developers decided that they would fork in order to "modernize the codebase, improve security, and apply best practice development processes." While LibreSSL has not been without its own vulnerabilities (see below), some of which it shared with OpenSSL, there has been improvements with its emphasis on security. For example, the LibreSSL team's response to the POODLE vulnerability was to disable the use of SSL 3.0 by default. LibreSSL is not without its criticisms, however. Despite the fact that LibreSSL has as a stated goal complete API compatibility with OpenSSL, as a fork, its ABI may diverge over time, creating subtle incompatibility as a simple drop-in replacement. This is worse than some package simply not build against LibreSSL. Rather, a package built against OpenSSL may later link and run against LibreSSL, should one library be replaced with the other, but that package may misbehave. The size of some struct be off by a few bytes, or the parameters of some function might not align in the same way. This in turn can lead to unpredictable behavior, crashes or worse, exploits. So LibreSSL has been criticized for using the same library file name and even the same SONAME as OpenSSL. So the project of porting LibreSSL to Gentoo must not be ignorant of the possible (inevitable?) ABI incompatibilities between the two. We cannot support a system where one can just switch between OpenSSL and LibreSSL without subsequently rebuilding their dependencies to make sure any ABI incompatibilities are addressed. https://github.com/gentoo/libressl FreeBSD Port of LibreSSL ABI Leakage List of LibreSSL Releases and Vulnerabilities List of OpenSSL Vulnerabilities'
Parsed HTML source of the new revision (new_html)
'<div class="mw-parser-output"><table class="table table-condensed" style="width: 30em; font-size: 95%; border: 1px solid #ddd; background-color: #f9f9f9; color: black; margin-bottom: 0.5em; margin-left: 1em; padding: 0.2em; float: right; clear: right; text-align:left;"> <tbody><tr> <th style="text-align: center; background-color:#3E355A; color: white;" colspan="2"><big>LibreSSL</big> </th></tr> <tr valign="top"> <th>Description </th> <td style="text-align: justify;">LibreSSL is a fork of, and drop in replacement for OpenSSL. Primary development is done in OpenBSD, but it is ported to Linux as well. The LibreSSL project aims to bring support for this alternative SSL provider to Gentoo Linux. </td></tr> <tr> <th><span title="Mails to member(s) listed below.">Project email</span> </th> <td><a rel="nofollow" class="external text" href="mailto:libressl@gentoo.org">libressl@gentoo.org</a> </td></tr> <tr> <th><span title="The link opens a webchat to this project&#39;s Freenode IRC channel.">IRC channel</span> </th> <td><a rel="nofollow" class="external text" href="https://webchat.freenode.net/?channels=gentoo-libressl">#gentoo-libressl</a> </td></tr> <tr valign="top"> <th>Lead(s) </th> <td><ul><li><a href="/wiki/User:Blueness" title="User:Blueness">Anthony G. Basile</a> (blueness)<br /><i>Developer</i></li></ul> <br />Last elected: 2019/04/17 </td></tr> <tr valign="top"> <th>Member(s) </th> <td><ul><li><a href="/wiki/User:Bman" title="User:Bman">Aaron Bauman</a> (bman)<br /><i>Developer</i></li><li><a href="/wiki/User:Soap" title="User:Soap">David Seifert</a> (soap)<br /><i>Developer</i></li><li><a href="/wiki/User:Steils" title="User:Steils">Stefan Strogin</a> (steils)<br /><i>Developer</i></li><li><a href="/wiki/User:Zx2c4" title="User:Zx2c4">Jason A. Donenfeld</a> (zx2c4)<br /><i>Developer</i></li></ul> </td></tr> <tr valign="top"> <th>Subproject(s)<br /><small style="font-weight: normal;">(and inherited member(s))</small> </th> <td>(none) </td></tr> <tr> <th>Parent Project </th> <td><a href="/wiki/Project:Gentoo" title="Project:Gentoo">Gentoo</a> </td></tr> <tr> <td colspan="2" style="border-top: 1px solid #ddd; font-size: smaller; text-align: center;"><a href="/wiki/Project:Gentoo" title="Project:Gentoo">Project listing</a> </td></tr></tbody></table> <p><br /> </p> <div class="alert alert-danger gw-box" style="padding-top: 8px; padding-bottom: 8px;"><strong><i class="fa fa-exclamation-triangle"></i> Warning</strong><br />As of 2021-02-01, <a rel="nofollow" class="external text" href="https://www.gentoo.org/support/news-items/2021-01-05-libressl-support-discontinued.html">LibreSSL will no longer be officially supported in Gentoo</a>. It will still be possible to use LibreSSL to some degree after this date but migration to OpenSSL is strongly recommended. The interested users will continue the development of unofficial LibreSSL support in the <a rel="nofollow" class="external text" href="https://gitweb.gentoo.org/repo/proj/libressl.git/tree/README.md">LibreSSL overlay</a>.</div> <p><a rel="nofollow" class="external text" href="http://www.libressl.org/">LibreSSL</a> is a fork of, and drop-in replacement for <a rel="nofollow" class="external text" href="https://openssl.org/">OpenSSL</a>. It was originally a response to the infamous <a rel="nofollow" class="external text" href="http://heartbleed.com/">heartbleed</a> vulnerability, which was a serious security flaw in one of the most popular SSL providers in use. So, some OpenBSD developers decided that they would fork in order to "modernize the codebase, improve security, and apply best practice development processes." While LibreSSL has not been without its own vulnerabilities (see below), some of which it shared with OpenSSL, there has been improvements with its emphasis on security. For example, the LibreSSL team's response to the <a rel="nofollow" class="external text" href="https://en.wikipedia.org/wiki/POODLE">POODLE</a> vulnerability was to disable the use of SSL 3.0 by default. </p><p>LibreSSL is not without its criticisms, however. Despite the fact that LibreSSL has as a stated goal complete API compatibility with OpenSSL, as a fork, its ABI may diverge over time, creating subtle incompatibility as a simple drop-in replacement. This is worse than some package simply not build against LibreSSL. Rather, a package built against OpenSSL may later link and run against LibreSSL, should one library be replaced with the other, but that package may misbehave. The size of some struct be off by a few bytes, or the parameters of some function might not align in the same way. This in turn can lead to unpredictable behavior, crashes or worse, exploits. So LibreSSL has been criticized for using the same library file name and even the same SONAME as OpenSSL. </p><p>So the project of porting LibreSSL to Gentoo must not be ignorant of the possible (inevitable?) ABI incompatibilities between the two. We cannot support a system where one can just switch between OpenSSL and LibreSSL without subsequently rebuilding their dependencies to make sure any ABI incompatibilities are addressed. <a rel="nofollow" class="external free" href="https://github.com/gentoo/libressl">https://github.com/gentoo/libressl</a> </p> <ul><li><a rel="nofollow" class="external text" href="https://wiki.freebsd.org/LibreSSL">FreeBSD Port of LibreSSL</a></li> <li><a rel="nofollow" class="external text" href="https://flameeyes.blog/2014/07/libressl-drop-in-and-abi-leakage">ABI Leakage</a></li> <li><a rel="nofollow" class="external text" href="https://wiki.freebsd.org/LibreSSL/History">List of LibreSSL Releases and Vulnerabilities</a></li> <li><a rel="nofollow" class="external text" href="https://www.openssl.org/news/vulnerabilities.html">List of OpenSSL Vulnerabilities</a></li></ul> '
Unix timestamp of change (timestamp)
1610566531