January 2024 - Epel-packagers-sig - Fedora Mailing-Lists

[Bug 2173701] New: CVE-2021-41141 CVE-2021-43845 CVE-2022-24754 CVE-2022-24763 CVE-2022-24786 CVE-2022-24792 CVE-2022-24793 asterisk: pjsip: Multiple vulnerabilities [fedora-all]

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2173701 Bug ID: 2173701 Summary: CVE-2021-41141 CVE-2021-43845 CVE-2022-24754 CVE-2022-24763 CVE-2022-24786 CVE-2022-24792 CVE-2022-24793 asterisk: pjsip: Multiple vulnerabilities [fedora-all] Product: Fedora Version: 37 Status: NEW Component: asterisk Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: jsmith.fedora(a)gmail.com Reporter: psampaio(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: bennie.joubert(a)jsdaav.com, epel-packagers-sig(a)lists.fedoraproject.org, jsmith.fedora(a)gmail.com, rbryant(a)redhat.com Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: http://bugzilla.redhat.com/show_bug.cgi?id=2173699 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2173701

4 months, 1 week

1
4
0 / 0

[Bug 2173204] New: [abrt] gnome-calendar: g_type_check_instance_cast(): gnome-calendar killed by SIGSEGV

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2173204 Bug ID: 2173204 Summary: [abrt] gnome-calendar: g_type_check_instance_cast(): gnome-calendar killed by SIGSEGV Product: Fedora Version: 37 Hardware: x86_64 Status: NEW Whiteboard: abrt_hash:097a7df52881ab113babff5506fdfdc0bb63e8d1;VAR IANT_ID=workstation; Component: gnome-calendar Assignee: gnome-sig(a)lists.fedoraproject.org Reporter: mohamed.b.baig(a)gmail.com QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, gnome-sig(a)lists.fedoraproject.org, igor.raits(a)gmail.com, klember(a)redhat.com Target Milestone: --- Classification: Fedora Description of problem: Clicked to future day from the left nav then clicked back on today's date Version-Release number of selected component: gnome-calendar-43.1-3.fc37 Additional info: reporter: libreport-2.17.4 backtrace_rating: 4 cgroup: 0::/user.slice/user-1000.slice/user@1000.service/app.slice/dbus-:1.2-org.gnome.Calendar@0.service cmdline: /usr/bin/gnome-calendar --gapplication-service crash_function: g_type_check_instance_cast executable: /usr/bin/gnome-calendar journald_cursor: s=829bd94ca3fa4b64af263b98ea52b01f;i=da28c;b=5b2b156c38514bbe8228dc075ef7c8fa;m=2747c93f6;t=5f575d1e7b057;x=8f8db0b61ac96f1c kernel: 6.1.13-200.fc37.x86_64 rootdir: / runlevel: N 5 type: CCpp uid: 1000 Truncated backtrace: Thread no. 1 (7 frames) #0 g_type_check_instance_cast at ../gobject/gtype.c:4122 #1 gcal_agenda_view_remove_event at ../src/gui/views/gcal-agenda-view.c:586 #2 remove_event_from_subscriber at ../src/core/gcal-timeline.c:228 #3 timeline_source_dispatch at ../src/core/gcal-timeline.c:717 #6 g_main_context_iterate.constprop.0 at ../glib/gmain.c:4238 #7 g_main_context_iteration at ../glib/gmain.c:4303 #8 g_application_run at ../gio/gapplication.c:2571 -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2173204

4 months, 1 week

1
2
0 / 0

[Bug 2170263] New: CVE-2023-23934 python-werkzeug: cookie prefixed with = can shadow unprefixed cookie [fedora-all]

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2170263 Bug ID: 2170263 Summary: CVE-2023-23934 python-werkzeug: cookie prefixed with = can shadow unprefixed cookie [fedora-all] Product: Fedora Version: 37 Status: NEW Component: python-werkzeug Keywords: Security, SecurityTracking Severity: low Priority: low Assignee: fzatlouk(a)redhat.com Reporter: askrabec(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: aurelien(a)bompard.org, danielmyoung(a)gmail.com, epel-packagers-sig(a)lists.fedoraproject.org, fzatlouk(a)redhat.com, karlthered(a)gmail.com, python-packagers-sig(a)lists.fedoraproject.org, tdawson(a)redhat.com Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: http://bugzilla.redhat.com/show_bug.cgi?id=2170243 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2170263

4 months, 1 week

1
4
0 / 0

[Bug 2170259] New: CVE-2023-25577 python-werkzeug: high resource usage when parsing multipart form data with many fields [fedora-all]

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2170259 Bug ID: 2170259 Summary: CVE-2023-25577 python-werkzeug: high resource usage when parsing multipart form data with many fields [fedora-all] Product: Fedora Version: 37 Status: NEW Component: python-werkzeug Keywords: Security, SecurityTracking Severity: high Priority: high Assignee: fzatlouk(a)redhat.com Reporter: askrabec(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: aurelien(a)bompard.org, danielmyoung(a)gmail.com, epel-packagers-sig(a)lists.fedoraproject.org, fzatlouk(a)redhat.com, karlthered(a)gmail.com, python-packagers-sig(a)lists.fedoraproject.org, tdawson(a)redhat.com Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: http://bugzilla.redhat.com/show_bug.cgi?id=2170242 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2170259

4 months, 1 week

1
4
0 / 0

[Bug 2166696] New: [abrt] cinnamon: __init__(): xlet-settings.py:160:__init__:IndexError: list index out of range

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2166696 Bug ID: 2166696 Summary: [abrt] cinnamon: __init__(): xlet-settings.py:160:__init__:IndexError: list index out of range Product: Fedora Version: 37 Hardware: x86_64 Status: NEW Whiteboard: abrt_hash:dadfbdd10da40ffecb6afd3e2692c9c334d62b69;VAR IANT_ID=cinnamon; Component: cinnamon Assignee: leigh123linux(a)googlemail.com Reporter: rorymobley5(a)gmail.com QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, leigh123linux(a)googlemail.com, miketwebster(a)gmail.com, riehecky(a)fnal.gov Target Milestone: --- Classification: Fedora Version-Release number of selected component: cinnamon-5.6.5-1.fc37 Additional info: reporter: libreport-2.17.4 cgroup: 0::/user.slice/user-1000.slice/session-2.scope cmdline: xlet-settings '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' crash_function: __init__ exception_type: IndexError executable: /usr/share/cinnamon/cinnamon-settings/xlet-settings.py interpreter: cinnamon-5.6.5-1.fc37.x86_64 kernel: 6.1.8-200.fc37.x86_64 runlevel: N 5 type: Python3 uid: 1000 Truncated backtrace: xlet-settings.py:160:__init__:IndexError: list index out of range Traceback (most recent call last): File "/usr/share/cinnamon/cinnamon-settings/xlet-settings.py", line 593, in <module> window = MainWindow(xlet_type, uuid, *sys.argv[3:]) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/share/cinnamon/cinnamon-settings/xlet-settings.py", line 160, in __init__ self.set_instance(self.instance_info[0]) ~~~~~~~~~~~~~~~~~~^^^ IndexError: list index out of range Local variables in innermost frame: self: <__main__.MainWindow object at 0x7f8c4ecc5e50> xlet_type: 'applet' uuid: 'gpaste-reloaded(a)feuerfuchs.eu' instance_id: '18' opts: [('-i', '18'), ('-t', '[object')] opt: '-t' arg: '[object' -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2166696

4 months, 1 week

1
2
0 / 0

[Bug 2163254] New: CVE-2022-41717 golang-x-tools: golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests [fedora-all]

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2163254 Bug ID: 2163254 Summary: CVE-2022-41717 golang-x-tools: golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests [fedora-all] Product: Fedora Version: 37 Status: NEW Component: golang-x-tools Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: zebob.m(a)gmail.com Reporter: ahanwate(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, go-sig(a)lists.fedoraproject.org, zebob.m(a)gmail.com Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: http://bugzilla.redhat.com/show_bug.cgi?id=2161274 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2163254

4 months, 1 week

1
6
0 / 0

[Bug 2241718] New: python-jedi-0.19.1 is available

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2241718 Bug ID: 2241718 Summary: python-jedi-0.19.1 is available Product: Fedora Version: rawhide Status: NEW Component: python-jedi Keywords: FutureFeature, Triaged Assignee: lbalhar(a)redhat.com Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: carl(a)redhat.com, epel-packagers-sig(a)lists.fedoraproject.org, lbalhar(a)redhat.com, phracek(a)redhat.com, python-packagers-sig(a)lists.fedoraproject.org Target Milestone: --- Classification: Fedora Releases retrieved: 0.19.1 Upstream release that is considered latest: 0.19.1 Current version/release in rawhide: 0.19.0-1.fc39 URL: https://pypi.python.org/pypi/jedi Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release... Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/3893/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/python-jedi -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2241718 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-...

4 months, 1 week

1
6
0 / 0

[Bug 2257906] New: python-nbconvert-7.14.1 is available

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2257906 Bug ID: 2257906 Summary: python-nbconvert-7.14.1 is available Product: Fedora Version: rawhide Status: NEW Component: python-nbconvert Keywords: FutureFeature, Triaged Assignee: lbalhar(a)redhat.com Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, jonathan(a)almalinux.org, lbalhar(a)redhat.com, mhroncok(a)redhat.com, python-packagers-sig(a)lists.fedoraproject.org Target Milestone: --- Classification: Fedora Releases retrieved: 7.14.1 Upstream release that is considered latest: 7.14.1 Current version/release in rawhide: 7.14.0-1.fc40 URL: https://jupyter.org/ Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release... Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/10522/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/python-nbconvert -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2257906 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-...

4 months, 1 week

1
2
0 / 0

[Bug 2257835] New: Browser crashed

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2257835 Bug ID: 2257835 Summary: Browser crashed Product: Fedora Version: 39 Hardware: x86_64 OS: Linux Status: NEW Component: fedora-packager Keywords: Desktop, Upgrades Severity: medium Assignee: mboddu(a)bhujji.com Reporter: wahid.telco(a)gmail.com QA Contact: extras-qa(a)fedoraproject.org CC: davide(a)cavalca.name, epel-packagers-sig(a)lists.fedoraproject.org, infra-sig(a)lists.fedoraproject.org, mboddu(a)bhujji.com, rhbugs(a)n-dimensional.de Target Milestone: --- Classification: Fedora Here is my linux machine details. $ hostnamectl Static hostname: wahid-lenovo Icon name: computer-laptop Chassis: laptop 💻 Machine ID: aeeb754f54b241aab99cf5ae31055456 Boot ID: e9933e158079497aa1d29f53c1849dde Operating System: Fedora Linux 39 (Workstation Edition) CPE OS Name: cpe:/o:fedoraproject:fedora:39 OS Support End: Tue 2024-11-12 OS Support Remaining: 10month 1d Kernel: Linux 6.6.9-200.fc39.x86_64 Architecture: x86-64 Hardware Vendor: Lenovo Hardware Model: ThinkPad E490 Firmware Version: R0YET52W (1.35) Firmware Date: Thu 2023-08-31 Firmware Age: 4month 1w 4d Problem: I have changed my hostname from wahid-lenovo to wahid-lenovo-f9 then update and upgrade the system and restart the laptop. After that Google chrome, Mikrosoft Edge and Opera are not opening. I found some solution from online, i have reverted back the hostname from wahid-lenovo-f9 to wahid-lenovo. And surprisingly all browsers are opening. Reproducible: Always -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2257835 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-...

4 months, 1 week

1
2
0 / 0

[Bug 2257830] New: CVE-2023-49295 dnscrypt-proxy: quic-go: memory exhaustion attack against QUIC's path validation mechanism [fedora-39]

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2257830 Bug ID: 2257830 Summary: CVE-2023-49295 dnscrypt-proxy: quic-go: memory exhaustion attack against QUIC's path validation mechanism [fedora-39] Product: Fedora Version: 39 Status: NEW Component: dnscrypt-proxy Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: davide(a)cavalca.name Reporter: trathi(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: davide(a)cavalca.name, epel-packagers-sig(a)lists.fedoraproject.org, go-sig(a)lists.fedoraproject.org, zebob.m(a)gmail.com Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: http://bugzilla.redhat.com/show_bug.cgi?id=2257815 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2257830 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-...

4 months, 1 week

1
2
0 / 0