January 2023 - Epel-packagers-sig - Fedora mailing-lists

[Bug 2164598] New: android-tools: FTBFS in Fedora Rawhide
by bugzilla＠redhat.com 29 Jan '24

29 Jan '24

https://bugzilla.redhat.com/show_bug.cgi?id=2164598 Bug ID: 2164598 Summary: android-tools: FTBFS in Fedora Rawhide Product: Fedora Version: rawhide URL: https://koschei.fedoraproject.org/package/android-tool s Status: NEW Component: android-tools Assignee: ivan.afonichev(a)gmail.com Reporter: code(a)musicinmybrain.net QA Contact: extras-qa(a)fedoraproject.org CC: admiller(a)redhat.com, epel-packagers-sig(a)lists.fedoraproject.org, go-sig(a)lists.fedoraproject.org, ivan.afonichev(a)gmail.com, jeroen(a)tietema.net Target Milestone: --- Classification: Fedora Description of problem: Package android-tools fails to build from source in Fedora Rawhide. Version-Release number of selected component (if applicable): 33.0.3p1-1.fc38 Steps to Reproduce: koji build --scratch f38 android-tools-33.0.3p1-1.fc38.src.rpm Additional info: This package is tracked by Koschei. See: https://koschei.fedoraproject.org/package/android-tools [ 22%] Building C object vendor/CMakeFiles/libext2fs.dir/e2fsprogs/lib/ext2fs/extent.c.o In file included from /builddir/build/BUILD/android-tools-33.0.3p1/vendor/adb/client/file_sync_client.h:22, from /builddir/build/BUILD/android-tools-33.0.3p1/vendor/adb/client/file_sync_client.cpp:17: /builddir/build/BUILD/android-tools-33.0.3p1/vendor/adb/file_sync_protocol.h:41:5: error: 'uint32_t' does not name a type 41 | uint32_t id; // ID_STAT, et cetera. | ^~~~~~~~ https://www.gnu.org/software/gcc/gcc-13/porting_to.html -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2164598

1 6

[Bug 2127039] New: Please branch and build python3-pygraphviz in epel9
by bugzilla＠redhat.com 18 Jan '24

18 Jan '24

https://bugzilla.redhat.com/show_bug.cgi?id=2127039 Bug ID: 2127039 Summary: Please branch and build python3-pygraphviz in epel9 Product: Fedora EPEL Version: epel9 Status: NEW Component: python-pygraphviz Assignee: zbyszek(a)in.waw.pl Reporter: romain.geissler(a)amadeus.com QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, logans(a)cottsay.net, python-sig(a)lists.fedoraproject.org, zbyszek(a)in.waw.pl Target Milestone: --- Classification: Fedora Please branch and build python3-pygraphviz in epel9. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2127039

1 10

[Bug 2163254] New: CVE-2022-41717 golang-x-tools: golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests [fedora-all]
by bugzilla＠redhat.com 12 Jan '24

12 Jan '24

https://bugzilla.redhat.com/show_bug.cgi?id=2163254 Bug ID: 2163254 Summary: CVE-2022-41717 golang-x-tools: golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests [fedora-all] Product: Fedora Version: 37 Status: NEW Component: golang-x-tools Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: zebob.m(a)gmail.com Reporter: ahanwate(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, go-sig(a)lists.fedoraproject.org, zebob.m(a)gmail.com Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: http://bugzilla.redhat.com/show_bug.cgi?id=2161274 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2163254

1 6

[Bug 2132180] New: python-numpydoc-1.5.0rc1 is available
by bugzilla＠redhat.com 01 Jan '24

01 Jan '24

https://bugzilla.redhat.com/show_bug.cgi?id=2132180 Bug ID: 2132180 Summary: python-numpydoc-1.5.0rc1 is available Product: Fedora Version: rawhide Status: NEW Component: python-numpydoc Keywords: FutureFeature, Triaged Assignee: python-packagers-sig(a)lists.fedoraproject.org Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, jonathan(a)almalinux.org, orion(a)nwra.com, python-packagers-sig(a)lists.fedoraproject.org, tomspur(a)fedoraproject.org Target Milestone: --- Classification: Fedora Releases retrieved: 1.5.0rc1 Upstream release that is considered latest: 1.5.0rc1 Current version/release in rawhide: 1.4.0-1.fc38 URL: https://pypi.python.org/pypi/numpydoc Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_M… Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/10343/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/python-numpydoc -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2132180

1 15

[Bug 2162399] New: CVE-2022-46175 yarnpkg: json5: Prototype Pollution in JSON5 via Parse Method [fedora-37]
by bugzilla＠redhat.com 07 Dec '23

07 Dec '23

https://bugzilla.redhat.com/show_bug.cgi?id=2162399 Bug ID: 2162399 Summary: CVE-2022-46175 yarnpkg: json5: Prototype Pollution in JSON5 via Parse Method [fedora-37] Product: Fedora Version: 37 Status: NEW Component: yarnpkg Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: zsvetlik(a)redhat.com Reporter: ahanwate(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, manisandro(a)gmail.com, ngompa13(a)gmail.com, zsvetlik(a)redhat.com Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: http://bugzilla.redhat.com/show_bug.cgi?id=2156263 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2162399

1 4

[Bug 2154741] New: Asterisk SELinux preventing /proc/sys/net/ipv4/ip_local_port_range access
by bugzilla＠redhat.com 06 Dec '23

06 Dec '23

https://bugzilla.redhat.com/show_bug.cgi?id=2154741 Bug ID: 2154741 Summary: Asterisk SELinux preventing /proc/sys/net/ipv4/ip_local_port_range access Product: Fedora Version: 37 Hardware: x86_64 OS: Linux Status: NEW Component: asterisk Severity: high Assignee: jsmith.fedora(a)gmail.com Reporter: arcadiy(a)ivanov.biz QA Contact: extras-qa(a)fedoraproject.org CC: bennie.joubert(a)jsdaav.com, epel-packagers-sig(a)lists.fedoraproject.org, jsmith.fedora(a)gmail.com, rbryant(a)redhat.com Target Milestone: --- Classification: Fedora Description of problem: Dec 18 22:47:16 hostname audit[3224]: AVC avc: denied { search } for pid=3224 comm="asterisk" name="net" dev="proc" ino=174 scontext=system_u:system_r:asterisk_t:s0 tcontext=system_u:object_r:sysctl_net_t:s0 tclass=dir permissive=0 Dec 18 22:47:16 hostname asterisk[3224]: [1671421636] libunbound[3224:0] error: failed to read from file: /proc/sys/net/ipv4/ip_local_port_range (Permission denied) Version-Release number of selected component (if applicable): 18.12.1-1.fc37.1 How reproducible: Always Steps to Reproduce: 1. Install 2. Start with SELinux policy active 3. Observe error -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2154741

1 2

[Bug 2152840] New: [abrt] meld: g_settings_set_property(): python3.11 killed by SIGTRAP
by bugzilla＠redhat.com 06 Dec '23

06 Dec '23

https://bugzilla.redhat.com/show_bug.cgi?id=2152840 Bug ID: 2152840 Summary: [abrt] meld: g_settings_set_property(): python3.11 killed by SIGTRAP Product: Fedora Version: 37 Hardware: x86_64 Status: NEW Whiteboard: abrt_hash:9486b5cfac5ed9f58f788fce07321270f1211c4b; Component: meld Assignee: dmaphy(a)fedoraproject.org Reporter: kvolny(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: cwickert(a)fedoraproject.org, dmaphy(a)fedoraproject.org, epel-packagers-sig(a)lists.fedoraproject.org, lkundrak(a)v3.sk, michel(a)michel-slm.name Target Milestone: --- Classification: Fedora Description of problem: I've tried to compare two mp3 files ... not sure if meld does binary, I just wanted to try, but if it doesn't, it should throw error instead of crashing. Version-Release number of selected component: meld-3.22.0-1.fc37 Additional info: reporter: libreport-2.17.4 backtrace_rating: 4 cgroup: 0::/user.slice/user-1000.slice/user@1000.service/app.slice/app-org.kde.konsole-a4992fdaf323437892db4897a174631d.scope cmdline: /usr/bin/python3 /usr/bin/meld ./Track11.mp3 $'/home/kvolny/tmp/Záviš/Záviš - 2002 - Sejdeme se na věčnosti/11 Konvenční vagabund.mp3' crash_function: g_settings_set_property executable: /usr/bin/python3.11 journald_cursor: s=b520fb1724e544ef8569f6fc75c0ec83;i=ec9847e;b=4ab27b716b9f4b27a5eb96f87898a2c3;m=1420bc5282;t=5efb17abf6fda;x=bfd15c051fb31584 kernel: 6.0.12-300.fc37.x86_64 rootdir: / runlevel: N 5 type: CCpp uid: 1000 -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2152840

1 2

[Bug 2150951] New: CVE-2022-37325 asterisk: Remote Crash Vulnerability in H323 channel add on [fedora-all]
by bugzilla＠redhat.com 06 Dec '23

06 Dec '23

https://bugzilla.redhat.com/show_bug.cgi?id=2150951 Bug ID: 2150951 Summary: CVE-2022-37325 asterisk: Remote Crash Vulnerability in H323 channel add on [fedora-all] Product: Fedora Version: 37 Status: NEW Component: asterisk Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: jsmith.fedora(a)gmail.com Reporter: zmiele(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: bennie.joubert(a)jsdaav.com, epel-packagers-sig(a)lists.fedoraproject.org, jsmith.fedora(a)gmail.com, rbryant(a)redhat.com Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: http://bugzilla.redhat.com/show_bug.cgi?id=2150949 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2150951

1 4

[Bug 2150945] New: CVE-2022-42705 asterisk: Use after free in res_pjsip_pubsub.c [fedora-all]
by bugzilla＠redhat.com 06 Dec '23

06 Dec '23

https://bugzilla.redhat.com/show_bug.cgi?id=2150945 Bug ID: 2150945 Summary: CVE-2022-42705 asterisk: Use after free in res_pjsip_pubsub.c [fedora-all] Product: Fedora Version: 37 Status: NEW Component: asterisk Keywords: Security, SecurityTracking Severity: low Priority: low Assignee: jsmith.fedora(a)gmail.com Reporter: zmiele(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: bennie.joubert(a)jsdaav.com, epel-packagers-sig(a)lists.fedoraproject.org, jsmith.fedora(a)gmail.com, rbryant(a)redhat.com Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: http://bugzilla.redhat.com/show_bug.cgi?id=2150943 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2150945

1 4

[Bug 2150942] New: asterisk: GetConfig AMI Action can read files outside of Asterisk directory [fedora-all]
by bugzilla＠redhat.com 06 Dec '23

06 Dec '23

https://bugzilla.redhat.com/show_bug.cgi?id=2150942 Bug ID: 2150942 Summary: asterisk: GetConfig AMI Action can read files outside of Asterisk directory [fedora-all] Product: Fedora Version: 37 Status: NEW Component: asterisk Keywords: Security, SecurityTracking Severity: low Priority: low Assignee: jsmith.fedora(a)gmail.com Reporter: zmiele(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: bennie.joubert(a)jsdaav.com, epel-packagers-sig(a)lists.fedoraproject.org, jsmith.fedora(a)gmail.com, rbryant(a)redhat.com Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: http://bugzilla.redhat.com/show_bug.cgi?id=2150940 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2150942

1 4

2025

2024

2023

2022

2021

Epel-packagers-sig January 2023