https://bugzilla.redhat.com/show_bug.cgi?id=2242985
Bug ID: 2242985
Summary: Please branch and build heaptrack in epel9
Product: Fedora EPEL
Version: epel9
Hardware: All
OS: FreeBSD
Status: NEW
Component: heaptrack
Severity: medium
Assignee: jgrulich(a)redhat.com
Reporter: cyqsimon(a)163.com
QA Contact: extras-qa(a)fedoraproject.org
CC: epel-packagers-sig(a)lists.fedoraproject.org,
jgrulich(a)redhat.com, kde-sig(a)lists.fedoraproject.org
Target Milestone: ---
Classification: Fedora
At the moment, heaptrack is packaged in EPEL8 but not EPEL9.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2242985
Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…
https://bugzilla.redhat.com/show_bug.cgi?id=2176591
Bug ID: 2176591
Summary: msmtp package should provide /usr/bin/sendmail
Product: Fedora
Version: rawhide
Status: NEW
Component: msmtp
Assignee: lemenkov(a)gmail.com
Reporter: yann(a)droneaud.fr
QA Contact: extras-qa(a)fedoraproject.org
CC: epel-packagers-sig(a)lists.fedoraproject.org,
gbcox(a)bzb.us, lemenkov(a)gmail.com, ndevos(a)redhat.com,
wart(a)kobold.org
Target Milestone: ---
Classification: Fedora
Description of problem:
msmtp package is not declared to provide /usr/sbin/sendmail. But installing
the package, makes msmtp the "mta" (see alternatives --display mta), and thus
provide /usr/bin/sendmail.
Some packages, see below, requires /usr/sbin/sendmail
BackupPC-0:4.4.0-9.fc38.x86_64
alpine-0:2.26-3.fc38.x86_64
arpwatch-14:3.3-14.fc39.x86_64
asterisk-voicemail-0:18.12.1-1.fc38.3.x86_64
certwatch-mod_ssl-0:1.2-12.fc38.x86_64
fail2ban-sendmail-0:1.0.2-2.fc38.noarch
fvwm-0:2.7.0-3.fc38.x86_64
hylafax+-client-0:7.0.7-1.fc39.i686
hylafax+-client-0:7.0.7-1.fc39.x86_64
mgetty-0:1.2.1-18.fc38.x86_64
quilt-0:0.67-4.fc39.noarch
redhat-lsb-core-0:4.1-60.fc38.i686
redhat-lsb-core-0:4.1-60.fc38.x86_64
spamass-milter-0:0.4.0-24.fc38.x86_64
uudeview-0:0.5.20-51.fc38.x86_64
websec-0:1.9.0-34.fc38.noarch
x509watch-0:0.6.1-14.fc38.noarch
Thus, when asking dnf to install one of the packages above, it will also
install another mta from the list below if none of them is already installed.
Likely esmtp in my experience (likely because it's the first alphabetically).
esmtp-0:1.2-21.fc38.x86_64
exim-0:4.96-8.fc38.x86_64
opensmtpd-0:6.8.0p2-11.fc38.x86_64
postfix-2:3.7.4-1.fc38.x86_64
sendmail-0:8.17.1-8.fc38.x86_64
ssmtp-0:2.64-32.fc38.x86_64
Having msmtp already installed should be enough to satisfy /usr/sbin/sendmail
requirement, and no other MTA should be installed as part of installing another
package.
Version-Release number of selected component (if applicable):
msmtp-1.8.23-1.fc38.x86_64
How reproducible:
When installing a package that requires /usr/bin/sendmail when no other MTA
is installed.
Steps to Reproduce:
1. dnf install msmtp
2. dnf install arpwatch
Actual results:
"dnf install arpwatch" installs arpwatch and esmtp
Expected results:
"dnf install arpwatch" would install only arpwatch
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2176591
https://bugzilla.redhat.com/show_bug.cgi?id=2254635
Bug ID: 2254635
Summary: TRIAGE CVE-2023-49786 asterisk: race condition in the
hello handshake phase of the DTLS protocol triggers
denial of service [fedora-all]
Product: Fedora
Version: 38
Status: NEW
Component: asterisk
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Assignee: jsmith.fedora(a)gmail.com
Reporter: rgatica(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: bennie.joubert(a)jsdaav.com,
epel-packagers-sig(a)lists.fedoraproject.org,
jsmith.fedora(a)gmail.com, rbryant(a)redhat.com
Target Milestone: ---
Classification: Fedora
More information about this security flaw is available in the following bug:
http://bugzilla.redhat.com/show_bug.cgi?id=2254633
Disclaimer: Community trackers are created by Red Hat Product Security team on
a best effort basis. Package maintainers are required to ascertain if the flaw
indeed affects their package, before starting the update process.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2254635
Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…
https://bugzilla.redhat.com/show_bug.cgi?id=2254632
Bug ID: 2254632
Summary: TRIAGE CVE-2023-49294 asterisk: access to arbitrary
files via directory traversal [fedora-all]
Product: Fedora
Version: 38
Status: NEW
Component: asterisk
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Assignee: jsmith.fedora(a)gmail.com
Reporter: rgatica(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: bennie.joubert(a)jsdaav.com,
epel-packagers-sig(a)lists.fedoraproject.org,
jsmith.fedora(a)gmail.com, rbryant(a)redhat.com
Target Milestone: ---
Classification: Fedora
More information about this security flaw is available in the following bug:
http://bugzilla.redhat.com/show_bug.cgi?id=2254630
Disclaimer: Community trackers are created by Red Hat Product Security team on
a best effort basis. Package maintainers are required to ascertain if the flaw
indeed affects their package, before starting the update process.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2254632
Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…
https://bugzilla.redhat.com/show_bug.cgi?id=2254627
Bug ID: 2254627
Summary: TRIAGE CVE-2023-37457 asterisk: potential buffer
overflow in PJSIP_HEADER dialplan function
[fedora-all]
Product: Fedora
Version: 38
Status: NEW
Component: asterisk
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Assignee: jsmith.fedora(a)gmail.com
Reporter: rgatica(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: bennie.joubert(a)jsdaav.com,
epel-packagers-sig(a)lists.fedoraproject.org,
jsmith.fedora(a)gmail.com, rbryant(a)redhat.com
Target Milestone: ---
Classification: Fedora
More information about this security flaw is available in the following bug:
http://bugzilla.redhat.com/show_bug.cgi?id=2254625
Disclaimer: Community trackers are created by Red Hat Product Security team on
a best effort basis. Package maintainers are required to ascertain if the flaw
indeed affects their package, before starting the update process.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2254627
Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…