May 2024 - Epel-packagers-sig - Fedora mailing-lists

[Bug 2249261] New: Blender + HIP + mesa crashing on Radeon RX 6650 (RDNA2)
by bugzilla＠redhat.com 18 Jul '24

18 Jul '24

https://bugzilla.redhat.com/show_bug.cgi?id=2249261 Bug ID: 2249261 Summary: Blender + HIP + mesa crashing on Radeon RX 6650 (RDNA2) Product: Fedora Version: 39 Hardware: x86_64 OS: Linux Status: NEW Component: blender Keywords: Desktop Severity: medium Assignee: luya_tfz(a)thefinalzone.net Reporter: lucas.kurdziel(a)gmail.com QA Contact: extras-qa(a)fedoraproject.org CC: code(a)musicinmybrain.net, design-devel(a)lists.fedoraproject.org, epel-packagers-sig(a)lists.fedoraproject.org, kwizart(a)gmail.com, luya_tfz(a)thefinalzone.net, negativo17(a)gmail.com Target Milestone: --- Classification: Fedora Hello, I've been trying to run Blender rendering on GPU. I tried couple of weeks ago on Fedora 38 and today after fresh upgrade to Fedora 39. I've installed Blender from repositories. After intalling `rocm-hip` package the GPU becomes listed as available in Blender GPU rendering properties. It. Crashes. Every. Single. Time. Now, the interesting part is: If I run Blender via `distrobox` (installed in an Arch Linux container) it all works beautifully! Here's the link to a hack/workaround: https://www.reddit.com/r/Fedora/comments/11qh9j3/getting_bender_hip_to_work/ Is `rocm-hip` in Fedora not the equivalent of `hip-runtime-amd` from Arch? Is there a way of getting GPU rendering in Blender on Fedora with Mesa drivers and HIP? Because as proved - it does work on this hardware + mesa + blender Blender from F39 repo: 3.6.4 Blender in Arch container: 3.6.5 I've tried also installing Blender 3.6.5 from Rawhide but same exact thing happens - Blender crashing Reproducible: Always Steps to Reproduce: 1. dnf install blender rocm-hip 2. Open up Blender, go to Edit -> Preferences -> System -> Cycles rendering devices -> HIP, Radeon RDNA2 GPU ticked 3. Close it. Go to Render properties on the right bottom pane, select Render engine: Cycles, Feature set: Supported, Device: GPU Compute, press F12 4. Press F12 and Blender will crash right away. If you're unlucky it'll crash at step 2 Actual Results: Blender crash Expected Results: Blender doesn't crash -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2249261 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 6

[Bug 2280786] New: CVE-2024-4067 yarnpkg: micromatch: vulnerable to Regular Expression Denial of Service [fedora-all]
by bugzilla＠redhat.com 12 Jul '24

12 Jul '24

https://bugzilla.redhat.com/show_bug.cgi?id=2280786 Bug ID: 2280786 Summary: CVE-2024-4067 yarnpkg: micromatch: vulnerable to Regular Expression Denial of Service [fedora-all] Product: Fedora Version: 40 Status: NEW Component: yarnpkg Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: zsvetlik(a)redhat.com Reporter: rkeshri(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, manisandro(a)gmail.com, ngompa13(a)gmail.com, zsvetlik(a)redhat.com Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: http://bugzilla.redhat.com/show_bug.cgi?id=2280601 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2280786 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 5

[Bug 2283798] New: Location of unix socket is hardcoded in /etc/sysconfig/valkey
by bugzilla＠redhat.com 11 Jul '24

11 Jul '24

https://bugzilla.redhat.com/show_bug.cgi?id=2283798 Bug ID: 2283798 Summary: Location of unix socket is hardcoded in /etc/sysconfig/valkey Product: Fedora Version: 39 Hardware: x86_64 OS: Linux Status: NEW Component: valkey Severity: high Assignee: jonathan(a)almalinux.org Reporter: fedora(a)joshuanoeske.de CC: epel-packagers-sig(a)lists.fedoraproject.org, fedora(a)famillecollet.com, jonathan(a)almalinux.org, nathans(a)redhat.com, ngompa13(a)gmail.com Target Milestone: --- Classification: Fedora Changing the location of the unixsocket in /etc/valkey/valkey.conf does not actually change its location as it is hardcoded in /etc/sysconfig/valkey. It took me quite some time to figure out why the location of my socket was not changing although I changed it. Either inform users about that or remove the hardcoded location of the socket, please Reproducible: Always Steps to Reproduce: 1. Change location of unix socket in /etc/valkey/valkey.conf 2. Restart valkey Actual Results: Unix socket still at /var/run/valkey/valkey.conf Expected Results: Change the location of the unixsocket. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2283798 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 19

[Bug 2261237] New: hugo: FTBFS in Fedora rawhide/f40
by bugzilla＠redhat.com 10 Jul '24

10 Jul '24

https://bugzilla.redhat.com/show_bug.cgi?id=2261237 Bug ID: 2261237 Summary: hugo: FTBFS in Fedora rawhide/f40 Product: Fedora Version: rawhide Status: NEW Component: hugo Assignee: athoscribeiro(a)gmail.com Reporter: releng(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: athoscribeiro(a)gmail.com, epel-packagers-sig(a)lists.fedoraproject.org, go-sig(a)lists.fedoraproject.org, neil(a)shrug.pw, quantum.analyst(a)gmail.com, redhat(a)flyn.org Blocks: 2231791 (F40FTBFS) Target Milestone: --- Classification: Fedora hugo failed to build from source in Fedora rawhide/f40 https://koji.fedoraproject.org/koji/taskinfo?taskID=112299625 For details on the mass rebuild see: https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild Please fix hugo at your earliest convenience and set the bug's status to ASSIGNED when you start fixing it. If the bug remains in NEW state for 8 weeks, hugo will be orphaned. Before branching of Fedora 41, hugo will be retired, if it still fails to build. For more details on the FTBFS policy, please visit: https://docs.fedoraproject.org/en-US/fesco/Fails_to_build_from_source_Fails… Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=2231791 [Bug 2231791] Fedora 40 FTBFS Tracker -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2261237 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 7

[Bug 2256379] New: fzf-0.45.0 is available
by bugzilla＠redhat.com 09 Jul '24

09 Jul '24

https://bugzilla.redhat.com/show_bug.cgi?id=2256379 Bug ID: 2256379 Summary: fzf-0.45.0 is available Product: Fedora Version: rawhide Status: NEW Component: fzf Keywords: FutureFeature, Triaged Assignee: quantum.analyst(a)gmail.com Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, go-sig(a)lists.fedoraproject.org, quantum.analyst(a)gmail.com Target Milestone: --- Classification: Fedora Releases retrieved: 0.45.0 Upstream release that is considered latest: 0.45.0 Current version/release in rawhide: 0.44.1-1.fc40 URL: https://github.com/junegunn/fzf Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_M… Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/15856/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/fzf -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2256379 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 24

[Bug 2281506] New: CVE-2024-34083 python-aiosmtpd: aiosmtpd: servers based on aiosmtpd accept extra unencrypted commands [epel-7]
by bugzilla＠redhat.com 08 Jul '24

08 Jul '24

https://bugzilla.redhat.com/show_bug.cgi?id=2281506 Bug ID: 2281506 Summary: CVE-2024-34083 python-aiosmtpd: aiosmtpd: servers based on aiosmtpd accept extra unencrypted commands [epel-7] Product: Fedora EPEL Version: epel7 Status: NEW Component: python-aiosmtpd Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: epel-packagers-sig(a)lists.fedoraproject.org Reporter: ybuenos(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: aurelien(a)bompard.org, epel-packagers-sig(a)lists.fedoraproject.org, michel(a)michel-slm.name, psimovec(a)redhat.com Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: http://bugzilla.redhat.com/show_bug.cgi?id=2281505 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. You are the assignee for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2281506 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 3

[Bug 2269312] New: CVE-2024-27305 python-aiosmtpd: aio-libs/aiosmtpd: SMTP smuggling [epel-7]
by bugzilla＠redhat.com 08 Jul '24

08 Jul '24

https://bugzilla.redhat.com/show_bug.cgi?id=2269312 Bug ID: 2269312 Summary: CVE-2024-27305 python-aiosmtpd: aio-libs/aiosmtpd: SMTP smuggling [epel-7] Product: Fedora EPEL Version: epel7 Status: NEW Component: python-aiosmtpd Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: epel-packagers-sig(a)lists.fedoraproject.org Reporter: trathi(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: aurelien(a)bompard.org, epel-packagers-sig(a)lists.fedoraproject.org, michel(a)michel-slm.name, psimovec(a)redhat.com Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: http://bugzilla.redhat.com/show_bug.cgi?id=2269311 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2269312 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 3

[Bug 2052682] New: CVE-2022-24303 python-pillow: temporary directory with a space character allows removal of unrelated file after im.show() and related action
by bugzilla＠redhat.com 08 Jul '24

08 Jul '24

https://bugzilla.redhat.com/show_bug.cgi?id=2052682 Bug ID: 2052682 Summary: CVE-2022-24303 python-pillow: temporary directory with a space character allows removal of unrelated file after im.show() and related action Product: Security Response Hardware: All OS: Linux Status: NEW Component: vulnerability Keywords: Security Severity: medium Priority: medium Assignee: security-response-team(a)redhat.com Reporter: gsuckevi(a)redhat.com CC: bdettelb(a)redhat.com, cstratak(a)redhat.com, epel-packagers-sig(a)lists.fedoraproject.org, infra-sig(a)lists.fedoraproject.org, manisandro(a)gmail.com, miminar(a)redhat.com, orion(a)nwra.com, python-maint(a)redhat.com, python-sig(a)lists.fedoraproject.org, torsava(a)redhat.com Target Milestone: --- Classification: Other If the path to the temporary directory on Linux or macOS contained a space, this would break removal of the temporary image file after im.show() (and related actions), and potentially remove an unrelated file. This been present since PIL. Reference: https://pillow.readthedocs.io/en/stable/releasenotes/9.0.1.html -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2052682

1 11

[Bug 2042527] New: CVE-2022-22817 python-pillow: PIL.ImageMath.eval allows evaluation of arbitrary expressions
by bugzilla＠redhat.com 08 Jul '24

08 Jul '24

https://bugzilla.redhat.com/show_bug.cgi?id=2042527 Bug ID: 2042527 Summary: CVE-2022-22817 python-pillow: PIL.ImageMath.eval allows evaluation of arbitrary expressions Product: Security Response Hardware: All OS: Linux Status: NEW Component: vulnerability Keywords: Security Severity: high Priority: high Assignee: security-response-team(a)redhat.com Reporter: gsuckevi(a)redhat.com CC: bdettelb(a)redhat.com, cstratak(a)redhat.com, epel-packagers-sig(a)lists.fedoraproject.org, infra-sig(a)lists.fedoraproject.org, manisandro(a)gmail.com, miminar(a)redhat.com, orion(a)nwra.com, python-maint(a)redhat.com, python-sig(a)lists.fedoraproject.org, torsava(a)redhat.com Target Milestone: --- Classification: Other PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method. Reference: https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#restrict-bu… -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2042527

1 23

[Bug 2042522] New: CVE-2022-22816 python-pillow: buffer over-read during initialization of ImagePath.Path in path_getbbox() in path.c
by bugzilla＠redhat.com 08 Jul '24

08 Jul '24

https://bugzilla.redhat.com/show_bug.cgi?id=2042522 Bug ID: 2042522 Summary: CVE-2022-22816 python-pillow: buffer over-read during initialization of ImagePath.Path in path_getbbox() in path.c Product: Security Response Hardware: All OS: Linux Status: NEW Component: vulnerability Keywords: Security Severity: high Priority: high Assignee: security-response-team(a)redhat.com Reporter: gsuckevi(a)redhat.com CC: bdettelb(a)redhat.com, cstratak(a)redhat.com, epel-packagers-sig(a)lists.fedoraproject.org, infra-sig(a)lists.fedoraproject.org, manisandro(a)gmail.com, miminar(a)redhat.com, orion(a)nwra.com, python-maint(a)redhat.com, python-sig(a)lists.fedoraproject.org, torsava(a)redhat.com Target Milestone: --- Classification: Other path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path. References: https://github.com/python-pillow/Pillow/blob/c5d9223a8b5e9295d15b5a9b1ef1da… https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#fixed-image… -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2042522

1 22

2025

2024

2023

2022

2021

Epel-packagers-sig May 2024