Hacker News new | ask | show | jobs
by w-m 2601 days ago
Here are the actual release notes (which don't seem to be linked anywhere from this marketing page):

https://access.redhat.com/documentation/en-us/red_hat_enterp...
1 comments
CiPHPerCoder 2601 days ago
Good news: They ship PHP 7.2

Bad news: ...without ext/sodium

That's a frankly irresponsible decision for Red Hat to make.

link
Conan_Kudo 2599 days ago
> That's a frankly irresponsible decision for Red Hat to make.

You say that without knowing anything at all about the situation? If you're a Red Hat customer, you could file a support ticket to get it pulled back in.

Historically speaking, Red Hat is rather conservative about the number of crypto libraries they pull into their system because of the requirement to validate the system for certifications. But if there are legitimate requirements to have it included and managed by the base system, then usually they'll work to fix this if they are informed that it's needed.

Again, if no one has officially requested it, then why would they pull it in?

It can also help to file bugs on RHEL 8 in the Red Hat Bugzilla: https://bugzilla.redhat.com/enter_bug.cgi?product=Red%20Hat%...

link
CiPHPerCoder 2594 days ago
> If you're a Red Hat customer, you could file a support ticket to get it pulled back in.

I have never spent $1 of my own money on Red Hat. After seeing this, I never will.

link
Conan_Kudo 2580 days ago
Just so you know, there's a bug report requesting this extension to be enabled and shipped: https://bugzilla.redhat.com/show_bug.cgi?id=1714591
link
Conan_Kudo 2594 days ago
You could also file a bug report in Red Hat Bugzilla even as a non-customer. But clearly you think that Red Hat is being malicious about this, which is definitely not the case.
link
wbl 2601 days ago
Red Hat has a long history of harming cryptography.
link
Conan_Kudo 2599 days ago
That's not fair. If you want to blame something for that, blame software patents. Some stuff used to be a huge minefield because of that.
link
beefhash 2601 days ago
Is it perhaps in a separate package, at least?
link
CiPHPerCoder 2601 days ago
No. https://twitter.com/fkooman/status/1125767993764536321
link
eclipseo76 2601 days ago
In EPEL probably https://twitter.com/RemiCollet/status/1063323527770750976
link
X-Istence 2601 days ago
The enterprises I've worked where we've used RHEL... epel is not allowed near a system, only officially sanctioned repos and updates.
link
justinclift 2600 days ago
Isn't EPEL the "officially sanctioned" third party repo?
link