https://bugzilla.redhat.com/show_bug.cgi?id=2107574
Bug ID: 2107574
Summary: fortune(6) man page indentation is messed up for -o
and -s options
Product: Fedora
Version: 36
Status: NEW
Component: fortune-mod
Severity: low
Assignee: sheltren(a)fedoraproject.org
Reporter: rhbugs(a)n-dimensional.de
QA Contact: extras-qa(a)fedoraproject.org
CC: epel-packagers-sig(a)lists.fedoraproject.org,
sergio(a)serjux.com, sheltren(a)fedoraproject.org,
shlomif(a)shlomifish.org
Target Milestone: ---
Classification: Fedora
Created attachment 1897376
--> https://bugzilla.redhat.com/attachment.cgi?id=1897376&action=edit
Quick fix patch to the fortune.6 file, copying the formatting -i and -n
Description of problem:
In the fortune(6) man page, the indentation for the description
of the options -o and -s is wrong.
Version-Release number of selected component (if applicable):
fortune-mod-3.12.0-2.fc36.x86_64
How reproducible:
100%
Steps to Reproduce:
1. man fortune
2. type /record or scroll down
Actual results:
filename-record will precede the records from the file it names.
-n length
Set the longest fortune length (in characters) considered to be
“short” (the default is 160). All fortunes longer than this are
considered “long”. Be careful! If you set the length too short and
ask for short fortunes, or too long and ask for long ones, fortune
goes into a never-ending thrash loop.
-o Choose only from potentially offensive aphorisms. The -o option
is ignored if a fortune directory is specified.
Please, please, please request a potentially offensive fortune if
and only if you believe, deep in your heart, that you are willing
to be offended. (And that you'll just quit using -o rather than
give us grief about it, okay?)
... let us keep in mind the basic governing philosophy of The
Brotherhood, as handsomely summarized in these words: we believe in
healthy, hearty laughter -- at the expense of the whole human race,
if needs be. Needs be.
--H. Allen Smith, "Rude Jokes"
-s Short apothegms only. See -n on which fortunes are considered
“short”.
-i
Ignore case for -m patterns.
Expected results:
filename-record will precede the records from the file it names.
-n length
Set the longest fortune length (in characters) considered to be
“short” (the default is 160). All fortunes longer than this are
considered “long”. Be careful! If you set the length too short and
ask for short fortunes, or too long and ask for long ones, fortune
goes into a never-ending thrash loop.
-o
Choose only from potentially offensive aphorisms. The -o option is
ignored if a fortune directory is specified.
Please, please, please request a potentially offensive fortune if
and only if you believe, deep in your heart, that you are willing
to be offended. (And that you'll just quit using -o rather than
give us grief about it, okay?)
... let us keep in mind the basic governing philosophy of The
Brotherhood, as handsomely summarized in these words: we believe in
healthy, hearty laughter -- at the expense of the whole human race,
if needs be. Needs be.
--H. Allen Smith, "Rude Jokes"
-s
Short apothegms only. See -n on which fortunes are considered
“short”.
-i
Ignore case for -m patterns.
Additional info:
The attached patch only fixes the symptoms, not the root cause.
This should probably be fixed somewhere upstream deep inside the mass of perl
scripts building the man pages.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2107574
https://bugzilla.redhat.com/show_bug.cgi?id=2126075
Bug ID: 2126075
Summary: CVE-2021-40648 sys-apps/man2html: multiple
vulnerabilities
Product: Security Response
Hardware: All
OS: Linux
Status: NEW
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: ybuenos(a)redhat.com
CC: epel-packagers-sig(a)lists.fedoraproject.org,
orion(a)nwra.com, sergio(a)serjux.com,
tchollingsworth(a)gmail.com, viktor.vix.jancik(a)gmail.com
Target Milestone: ---
Classification: Other
CVE-2021-40648:
In man2html 1.6g, a filename can be created to overwrite the previous size
parameter of the next chunk and the fd, bk, fd_nextsize, bk_nextsize of the
current chunk. The next chunk is then freed later on, causing a freeing of an
arbitrary amount of memory.
https://gist.github.com/untaman/cb58123fe89fc65e3984165db5d40933
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2126075
https://bugzilla.redhat.com/show_bug.cgi?id=2126816
Bug ID: 2126816
Summary: CVE-2021-40648 man2html: sys-apps/man2html: multiple
vulnerabilities [fedora-all]
Product: Fedora
Version: 36
Status: NEW
Component: man2html
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Assignee: sergio(a)serjux.com
Reporter: ybuenos(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: epel-packagers-sig(a)lists.fedoraproject.org,
orion(a)nwra.com, sergio(a)serjux.com,
tchollingsworth(a)gmail.com, viktor.vix.jancik(a)gmail.com
Target Milestone: ---
Classification: Fedora
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora. While only
one tracking bug has been filed, please correct all affected versions at
the same time. If you need to fix the versions independent of each other,
you may clone this bug as appropriate.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2126816
https://bugzilla.redhat.com/show_bug.cgi?id=2126073
Bug ID: 2126073
Summary: CVE-2021-40647 sys-apps/man2html: multiple
vulnerabilities
Product: Security Response
Hardware: All
OS: Linux
Status: NEW
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: ybuenos(a)redhat.com
CC: epel-packagers-sig(a)lists.fedoraproject.org,
orion(a)nwra.com, sergio(a)serjux.com,
tchollingsworth(a)gmail.com, viktor.vix.jancik(a)gmail.com
Target Milestone: ---
Classification: Other
CVE-2021-40647:
In man2html 1.6g, a specific string being read in from a file will overwrite
the size parameter in the top chunk of the heap. This at least causes the
program to segmentation abort if the heap size parameter isn't aligned
correctly. In version before GLIBC version 2.29 and aligned correctly, it
allows arbitrary write anywhere in the programs memory.
https://gist.github.com/untaman/cb58123fe89fc65e3984165db5d40933
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2126073
https://bugzilla.redhat.com/show_bug.cgi?id=2126814
Bug ID: 2126814
Summary: CVE-2021-40647 man2html: sys-apps/man2html: multiple
vulnerabilities [fedora-all]
Product: Fedora
Version: 36
Status: NEW
Component: man2html
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Assignee: sergio(a)serjux.com
Reporter: ybuenos(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: epel-packagers-sig(a)lists.fedoraproject.org,
orion(a)nwra.com, sergio(a)serjux.com,
tchollingsworth(a)gmail.com, viktor.vix.jancik(a)gmail.com
Target Milestone: ---
Classification: Fedora
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora. While only
one tracking bug has been filed, please correct all affected versions at
the same time. If you need to fix the versions independent of each other,
you may clone this bug as appropriate.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2126814
https://bugzilla.redhat.com/show_bug.cgi?id=2104905
Bug ID: 2104905
Summary: CVE-2022-2097 openssl: AES OCB fails to encrypt some
bytes
Product: Security Response
Hardware: All
OS: Linux
Status: NEW
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: mcascell(a)redhat.com
CC: bdettelb(a)redhat.com, berrange(a)redhat.com,
bootloader-eng-team(a)redhat.com, caswilli(a)redhat.com,
cfergeau(a)redhat.com, cllang(a)redhat.com,
crobinso(a)redhat.com,
crypto-team(a)lists.fedoraproject.org,
csutherl(a)redhat.com, dbelyavs(a)redhat.com,
ddepaula(a)redhat.com, dffrench(a)redhat.com,
dhalasz(a)redhat.com, dkuc(a)redhat.com, dueno(a)redhat.com,
elima(a)redhat.com,
epel-packagers-sig(a)lists.fedoraproject.org,
erik-fedora(a)vanpienbroek.nl, f4bug(a)amsat.org,
fjansen(a)redhat.com, fmartine(a)redhat.com,
gzaronik(a)redhat.com, jary(a)redhat.com,
jburrell(a)redhat.com, jclere(a)redhat.com,
jferlan(a)redhat.com, jkoehler(a)redhat.com,
jwong(a)redhat.com, jwon(a)redhat.com, kaycoth(a)redhat.com,
krathod(a)redhat.com, kraxel(a)redhat.com,
kshier(a)redhat.com, ktietz(a)redhat.com,
marcandre.lureau(a)redhat.com,
michal.skrivanek(a)redhat.com, michel(a)michel-slm.name,
micjohns(a)redhat.com, mjg59(a)srcf.ucam.org,
mmadzin(a)redhat.com, mperina(a)redhat.com,
mspacek(a)redhat.com, mturk(a)redhat.com,
ngough(a)redhat.com, pbonzini(a)redhat.com,
peholase(a)redhat.com, pjindal(a)redhat.com,
pjones(a)redhat.com, plodge(a)redhat.com,
redhat-bugzilla(a)linuxnetz.de, rgodfrey(a)redhat.com,
rharwood(a)redhat.com, rh-spice-bugs(a)redhat.com,
rjones(a)redhat.com, sahana(a)redhat.com,
sbonazzo(a)redhat.com, stcannon(a)redhat.com,
sthirugn(a)redhat.com, szappis(a)redhat.com,
tfister(a)redhat.com, tm(a)t8m.info,
virt-maint(a)lists.fedoraproject.org,
virt-maint(a)redhat.com, vkrizan(a)redhat.com,
vkumar(a)redhat.com, vmugicag(a)redhat.com
Blocks: 2104175
Target Milestone: ---
Classification: Other
AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised
implementation will not encrypt the entirety of the data under some
circumstances. This could reveal sixteen bytes of data that was preexisting in
the memory that wasn't written. In the special case of "in place" encryption,
sixteen bytes of the plaintext would be revealed.
OpenSSL security advisory:
https://www.openssl.org/news/secadv/20220705.txt
Upstream fix:
https://github.com/openssl/openssl/commit/6ebf6d51596f51d23ccbc17930778d104…
[master]
https://github.com/openssl/openssl/commit/919925673d6c9cfed3c1085497f5dfbbe…
[1_1_1-stable]
https://github.com/openssl/openssl/commit/a98f339ddd7e8f487d6e0088d4a9a4232…
[openssl-3.0]
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2104905
https://bugzilla.redhat.com/show_bug.cgi?id=2134911
Bug ID: 2134911
Summary: QSocketNotifier: Can only be used with threads started
with QThread
Product: Fedora
Version: 36
Hardware: x86_64
OS: Linux
Status: NEW
Component: python-matplotlib
Assignee: quantum.analyst(a)gmail.com
Reporter: dev(a)javinator9889.com
QA Contact: extras-qa(a)fedoraproject.org
CC: epel-packagers-sig(a)lists.fedoraproject.org,
gwync(a)protonmail.com, jonathan.underwood(a)gmail.com,
paulo.cesar.pereira.de.andrade(a)gmail.com,
python-packagers-sig(a)lists.fedoraproject.org,
quantum.analyst(a)gmail.com, thibault(a)north.li,
tomspur(a)fedoraproject.org
Target Milestone: ---
Classification: Fedora
Created attachment 1918084
--> https://bugzilla.redhat.com/attachment.cgi?id=1918084&action=edit
Python script to replicate exactly the issue (one needs to have cuDNN and CUDA
for make it work)
Description of problem:
Trying to replicate a convolutional AI model on my local computer I faced this
issue when simply trying to display the generated images by such model. The
"guide" I'm following is:
https://keras.io/guides/keras_cv/generate_images_with_stable_diffusion/?s=0…
There is no issue when generating the images but when displaying them.
Version-Release number of selected component (if applicable): tried with both
matplotlib from pip (3.6.1) and the one bundled with Fedora 36 (3.5.3-2, at the
time of writting this). Notice that the shipped Python version is in use
(3.10.2)
How reproducible: always, inside a Wayland environment (I didn't tried with
Xorg but I've seen in general that this issue is only related to Wayland)
Steps to Reproduce:
1. Generate a bunch of images using the model, or any other application
2. In a Python console:
```
import matplotlib.pyplot as plt
# images = <matrix of generated images>
plt.imshow(images)
```
Actual results:
QSocketNotifier: Can only be used with threads started with QThread
Expected results:
The set of images show up and are displayed
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2134911
https://bugzilla.redhat.com/show_bug.cgi?id=2117860
Bug ID: 2117860
Summary: Please branch and build libappindicator-devel in
epel8.
Product: Fedora
Version: 36
Status: NEW
Component: libappindicator
Assignee: echevemaster(a)gmail.com
Reporter: markus.muckhoff(a)softwaretechnik-und-mehr.de
QA Contact: extras-qa(a)fedoraproject.org
CC: dcavalca(a)fb.com, echevemaster(a)gmail.com,
epel-packagers-sig(a)lists.fedoraproject.org,
mailinglists(a)tpokorra.de, michel(a)michel-slm.name,
ngompa13(a)gmail.com, oliver(a)redhat.com,
philip.wyett(a)kathenas.org
Target Milestone: ---
Classification: Fedora
Please branch and build libappindicator-devel in epel8.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2117860
https://bugzilla.redhat.com/show_bug.cgi?id=2137393
Bug ID: 2137393
Summary: [abrt] meld: _flush_std_streams():
util.py:439:_flush_std_streams:OSError: [Errno 5]
Input/output error
Product: Fedora
Version: 36
Hardware: x86_64
Status: NEW
Whiteboard: abrt_hash:923f838279f1054d8f9f0ae9937e7aada5c35488;VAR
IANT_ID=xfce;
Component: meld
Assignee: dmaphy(a)fedoraproject.org
Reporter: dave(a)dave3.xyz
QA Contact: extras-qa(a)fedoraproject.org
CC: cwickert(a)fedoraproject.org, dmaphy(a)fedoraproject.org,
epel-packagers-sig(a)lists.fedoraproject.org,
lkundrak(a)v3.sk, michel(a)michel-slm.name,
oliver(a)linux-kernel.at
Target Milestone: ---
Classification: Fedora
Description of problem:
Launched 2 instances from cmd line in background. Bugged out after starting
program 2nd time. Launched from terminal inside Intellij.
Version-Release number of selected component:
meld-3.22.0-1.fc36
Additional info:
reporter: libreport-2.17.4
cgroup:
0::/user.slice/user-1000.slice/user@1000.service/app.slice/snap.intellij-idea-ultimate.intellij-idea-ultimate.e962ec3f-35e7-488f-8c46-7c6cd9a4da9c.scope
cmdline: /usr/bin/python3 /usr/bin/meld run_autocluster.py
run_autocluster_old.py
crash_function: _flush_std_streams
exception_type: OSError
executable: /usr/bin/meld
interpreter: python3-3.10.7-1.fc36.x86_64
kernel: 5.19.16-200.fc36.x86_64
runlevel: N 5
type: Python3
uid: 1000
Truncated backtrace:
util.py:439:_flush_std_streams:OSError: [Errno 5] Input/output error
Traceback (most recent call last):
File "/usr/lib64/python3.10/multiprocessing/process.py", line 121, in start
self._popen = self._Popen(self)
File "/usr/lib64/python3.10/multiprocessing/context.py", line 224, in _Popen
return _default_context.get_context().Process._Popen(process_obj)
File "/usr/lib64/python3.10/multiprocessing/context.py", line 281, in _Popen
return Popen(process_obj)
File "/usr/lib64/python3.10/multiprocessing/popen_fork.py", line 16, in
__init__
util._flush_std_streams()
File "/usr/lib64/python3.10/multiprocessing/util.py", line 439, in
_flush_std_streams
sys.stderr.flush()
OSError: [Errno 5] Input/output error
Local variables in innermost frame:
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2137393