July 2024 - Epel-packagers-sig - Fedora mailing-lists

[Bug 2292348] New: CVE-2024-36587 dnscrypt-proxy: escalate privileges to root via overwriting the binary dnscrypt-proxy [fedora-all]
by bugzilla＠redhat.com 25 Apr '25

25 Apr '25

https://bugzilla.redhat.com/show_bug.cgi?id=2292348 Bug ID: 2292348 Summary: CVE-2024-36587 dnscrypt-proxy: escalate privileges to root via overwriting the binary dnscrypt-proxy [fedora-all] Product: Fedora Version: 40 Status: NEW Component: dnscrypt-proxy Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: davide(a)cavalca.name Reporter: rkeshri(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: davide(a)cavalca.name, epel-packagers-sig(a)lists.fedoraproject.org, go-sig(a)lists.fedoraproject.org, zebob.m(a)gmail.com Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: http://bugzilla.redhat.com/show_bug.cgi?id=2292346 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2292348 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 3

[Bug 2281507] New: CVE-2024-34083 python-aiosmtpd: aiosmtpd: servers based on aiosmtpd accept extra unencrypted commands [fedora-all]
by bugzilla＠redhat.com 25 Apr '25

25 Apr '25

https://bugzilla.redhat.com/show_bug.cgi?id=2281507 Bug ID: 2281507 Summary: CVE-2024-34083 python-aiosmtpd: aiosmtpd: servers based on aiosmtpd accept extra unencrypted commands [fedora-all] Product: Fedora Version: 40 Status: NEW Component: python-aiosmtpd Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: aurelien(a)bompard.org Reporter: ybuenos(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: aurelien(a)bompard.org, epel-packagers-sig(a)lists.fedoraproject.org, michel(a)michel-slm.name, psimovec(a)redhat.com Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: http://bugzilla.redhat.com/show_bug.cgi?id=2281505 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2281507 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 5

[Bug 2281497] New: CVE-2024-35190 asterisk: wrongly matches ALL unauthorized SIP requests [fedora-all]
by bugzilla＠redhat.com 25 Apr '25

25 Apr '25

https://bugzilla.redhat.com/show_bug.cgi?id=2281497 Bug ID: 2281497 Summary: CVE-2024-35190 asterisk: wrongly matches ALL unauthorized SIP requests [fedora-all] Product: Fedora Version: 40 Status: NEW Component: asterisk Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: jsmith.fedora(a)gmail.com Reporter: ybuenos(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: bennie.joubert(a)jsdaav.com, epel-packagers-sig(a)lists.fedoraproject.org, jsmith.fedora(a)gmail.com, rbryant(a)redhat.com Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: http://bugzilla.redhat.com/show_bug.cgi?id=2281495 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2281497 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 5

[Bug 2280857] New: [abrt] cinnamon: __call__(): Gio.py:349:__call__:gi.repository.GLib.GError: g-io-error-quark: GDBus.Error:org.gnome.gjs.JSError.TypeError: type is undefined (36)
by bugzilla＠redhat.com 25 Apr '25

25 Apr '25

https://bugzilla.redhat.com/show_bug.cgi?id=2280857 Bug ID: 2280857 Summary: [abrt] cinnamon: __call__(): Gio.py:349:__call__:gi.repository.GLib.GError: g-io-error-quark: GDBus.Error:org.gnome.gjs.JSError.TypeError: type is undefined (36) Product: Fedora Version: 40 Hardware: x86_64 Status: NEW Whiteboard: abrt_hash:fc69d83853bbb5ba6357513c90c6eb0168652112;VAR IANT_ID=cinnamon; Component: cinnamon Assignee: leigh123linux(a)googlemail.com Reporter: filmfan2142(a)gmail.com QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, leigh123linux(a)googlemail.com, miketwebster(a)gmail.com, riehecky(a)fnal.gov Target Milestone: --- Classification: Fedora Version-Release number of selected component: cinnamon-6.0.4-6.fc40 Additional info: reporter: libreport-2.17.15 kernel: 6.8.9-300.fc40.x86_64 cmdline: cinnamon-settings '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' cgroup: 0::/user.slice/user-1000.slice/session-5.scope uid: 1000 reason: Gio.py:349:__call__:gi.repository.GLib.GError: g-io-error-quark: GDBus.Error:org.gnome.gjs.JSError.TypeError: type is undefined (36) executable: /usr/share/cinnamon/cinnamon-settings/cinnamon-settings.py type: Python3 package: cinnamon-6.0.4-6.fc40 runlevel: N 5 exception_type: gi.repository.GLib.GError crash_function: __call__ interpreter: cinnamon-6.0.4-6.fc40.x86_64 Truncated backtrace: Gio.py:349:__call__:gi.repository.GLib.GError: g-io-error-quark: GDBus.Error:org.gnome.gjs.JSError.TypeError: type is undefined (36) Traceback (most recent call last): File "/usr/share/cinnamon/cinnamon-settings/bin/Spices.py", line 781, in _install_finished self.send_proxy_signal('ReloadXlet', '(ss)', uuid, self.collection_type.upper()) File "/usr/share/cinnamon/cinnamon-settings/bin/Spices.py", line 270, in send_proxy_signal getattr(self._proxy, command)(*args) File "/usr/lib64/python3.12/site-packages/gi/overrides/Gio.py", line 349, in __call__ result = self.dbus_proxy.call_sync(self.method_name, arg_variant, ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ gi.repository.GLib.GError: g-io-error-quark: GDBus.Error:org.gnome.gjs.JSError.TypeError: type is undefined (36) Local variables in innermost frame: self: <gi.overrides.Gio._DBusProxyMethodCall object at 0x7ff24887ef90> args: ('CBlack', 'THEME') kwargs: {} signature: '(ss)' arg_variant: GLib.Variant('(ss)', ('CBlack', 'THEME')) Potential duplicate: bug 2035596 -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2280857 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 1

[Bug 2280175] New: [abrt] cinnamon: std::__atomic_base<unsigned long>::load(): cinnamon killed by SIGSEGV
by bugzilla＠redhat.com 25 Apr '25

25 Apr '25

https://bugzilla.redhat.com/show_bug.cgi?id=2280175 Bug ID: 2280175 Summary: [abrt] cinnamon: std::__atomic_base<unsigned long>::load(): cinnamon killed by SIGSEGV Product: Fedora Version: 40 Hardware: x86_64 Status: NEW Whiteboard: abrt_hash:1f9c07ff4becff90a3617fc3ccc8c2aa8cb814d4;VAR IANT_ID=workstation; Component: cinnamon Assignee: leigh123linux(a)googlemail.com Reporter: aauzi(a)free.fr QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, leigh123linux(a)googlemail.com, miketwebster(a)gmail.com, riehecky(a)fnal.gov Target Milestone: --- Classification: Fedora Description of problem: It happended on an attempt to wake the PC from deep sleep or, maybe, hibernation. I first used the mouse, the screen backlight went on... then nothing more. After few seconds, despite my efforts to mouse the mouse, use the keyboard, the screen backlight went off. At this stage, I had to force the power off. Version-Release number of selected component: cinnamon-6.0.4-6.fc40 Additional info: reporter: libreport-2.17.15 crash_function: std::__atomic_base<unsigned long>::load type: CCpp dso_list: /usr/bin/cinnamon cinnamon-6.0.4-6.fc40.x86_64 (Fedora Project) 1714659458 rootdir: / uid: 1000 kernel: 6.8.9-300.fc40.x86_64 backtrace_rating: 4 cmdline: cinnamon --replace reason: cinnamon killed by SIGSEGV package: cinnamon-6.0.4-6.fc40 journald_cursor: s=4b82b3d0656a4445b058dd19f0d529a3;i=58bb30;b=2379fa2430584f3aa087a1b7fae4e280;m=1e8cf274ac;t=61849a7845b2b;x=dc2ef7597513be0c executable: /usr/bin/cinnamon cgroup: 0::/user.slice/user-1000.slice/session-2.scope runlevel: N 5 Truncated backtrace: Thread no. 1 (2 frames) #0 std::__atomic_base<unsigned long>::load at /usr/include/c++/14/bits/atomic_base.h:499 #1 mozilla::detail::IntrinsicMemoryOps<unsigned long, (mozilla::MemoryOrdering)0>::load at /usr/src/debug/mozjs102-102.15.1-5.fc40.x86_64/dist/include/mozilla/Atomics.h:195 Potential duplicate: bug 2222870 -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2280175 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 3

[Bug 2280142] New: [abrt] nemo: g_key_file_set_group_comment(): nemo killed by SIGABRT
by bugzilla＠redhat.com 25 Apr '25

25 Apr '25

https://bugzilla.redhat.com/show_bug.cgi?id=2280142 Bug ID: 2280142 Summary: [abrt] nemo: g_key_file_set_group_comment(): nemo killed by SIGABRT Product: Fedora Version: 40 Hardware: x86_64 Status: NEW Whiteboard: abrt_hash:e22745ddf8cb555fb810fd306774a4f371753dbd;VAR IANT_ID=workstation; Component: nemo Assignee: leigh123linux(a)googlemail.com Reporter: fedora(a)pires.pro QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, leigh123linux(a)googlemail.com, riehecky(a)fnal.gov Target Milestone: --- Classification: Fedora Version-Release number of selected component: nemo-6.0.2-4.fc40 Additional info: reporter: libreport-2.17.15 type: CCpp reason: nemo killed by SIGABRT journald_cursor: s=4bd04ce12d28412d86f8008d4f3bf16a;i=e2be2;b=8d2d03db5e914cd293faf4f0c58ada98;m=27311f273;t=6184151836264;x=9a15a81bcdd6acff executable: /usr/bin/nemo cmdline: /usr/bin/nemo --no-default-window cgroup: 0::/user.slice/user-1000.slice/user@1000.service/app.slice/dbus-:1.2-org.freedesktop.FileManager1@4.service rootdir: / uid: 1000 kernel: 6.8.9-300.fc40.x86_64 package: nemo-6.0.2-4.fc40 runlevel: N 5 backtrace_rating: 4 crash_function: g_key_file_set_group_comment Truncated backtrace: Thread no. 1 (8 frames) #4 g_key_file_set_group_comment at ../glib/gkeyfile.c:3401 #5 memcpy at /usr/include/bits/string_fortified.h:29 #6 g_strdup_inline at ../glib/gstrfuncs.h:318 #8 nemo_window_get_active_slot at ../src/nemo-window.c:1759 #10 update_places at ../src/nemo-places-sidebar.c:789 #12 signal_emit_unlocked_R.isra.0 at ../gobject/gsignal.c:3888 #13 signal_emit_valist_unlocked at ../gobject/gsignal.c:3520 #16 g_settings_real_change_event at ../gio/gsettings.c:385 -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2280142 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 1

[Bug 2279381] New: Apparent AMDGPU crash after resuming from suspend
by bugzilla＠redhat.com 25 Apr '25

25 Apr '25

https://bugzilla.redhat.com/show_bug.cgi?id=2279381 Bug ID: 2279381 Summary: Apparent AMDGPU crash after resuming from suspend Product: Fedora Version: 40 Hardware: x86_64 OS: Linux Status: NEW Component: cinnamon-session Keywords: Desktop Severity: medium Assignee: leigh123linux(a)googlemail.com Reporter: roguefortus(a)protonmail.com QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, leigh123linux(a)googlemail.com, riehecky(a)fnal.gov Target Milestone: --- Classification: Fedora I’ve been having suspend/resume issues on KDE and I’ve moved to Cinnamon to clear out from QT DEs. So far, I haven’t run into a issue with suspend/resume my machine, until now. Yesterday I suspended without any issues, but after resuming I had no monitor signal. I had no ability to go to a TTY, as such I had to hard reset. I looked at the Journalctl logs and it seems that my GPU crashed on resume? I don’t know, there are a lot of AMDGPU related errors. Reproducible: Didn't try Steps to Reproduce: 1.Click the start menu 2.Click the turn off button (this will bring a window asking if I want to turn off the PC while a 60 second countdown begins) 3.Click "Suspend" 4.After suspending, wake up the system. Actual Results: No video signal of any kind. Expected Results: I should be seeing Cinnamon's lock screen. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2279381 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 4

[Bug 2279218] New: [abrt] cinnamon: setDevice(): cs_sound.py:383:setDevice:AttributeError: 'NoneType' object has no attribute 'get_profiles'
by bugzilla＠redhat.com 25 Apr '25

25 Apr '25

https://bugzilla.redhat.com/show_bug.cgi?id=2279218 Bug ID: 2279218 Summary: [abrt] cinnamon: setDevice(): cs_sound.py:383:setDevice:AttributeError: 'NoneType' object has no attribute 'get_profiles' Product: Fedora Version: 40 Hardware: x86_64 Status: NEW Whiteboard: abrt_hash:c20e6c06d122cb64362534f7ab765b4a25d786e9;VAR IANT_ID=cinnamon; Component: cinnamon Assignee: leigh123linux(a)googlemail.com Reporter: dsnillo(a)gmail.com QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, leigh123linux(a)googlemail.com, miketwebster(a)gmail.com, riehecky(a)fnal.gov Target Milestone: --- Classification: Fedora Description of problem: On startup. Optiplex 7010, Cinnamon 6.0.4 Kernel 6.8.7-300.fc.x86_64 Processor Intel Core i5-2320 CPU @ 3.00 GHz x 4 Memory 19.4 GiB Hard Drives (4) 9210 Gb total Display Server X11 Curious - System info hangs when I click Copy to Clipboard. Version-Release number of selected component: cinnamon-6.0.4-5.fc40 Additional info: reporter: libreport-2.17.15 kernel: 6.8.7-300.fc40.x86_64 cmdline: cinnamon-settings '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' cgroup: 0::/user.slice/user-1000.slice/session-2.scope uid: 1000 reason: cs_sound.py:383:setDevice:AttributeError: 'NoneType' object has no attribute 'get_profiles' executable: /usr/share/cinnamon/cinnamon-settings/cinnamon-settings.py type: Python3 package: cinnamon-6.0.4-5.fc40 runlevel: N 5 exception_type: AttributeError crash_function: setDevice interpreter: cinnamon-6.0.4-5.fc40.x86_64 Truncated backtrace: cs_sound.py:383:setDevice:AttributeError: 'NoneType' object has no attribute 'get_profiles' Traceback (most recent call last): File "/usr/share/cinnamon/cinnamon-settings/modules/cs_sound.py", line 731, in activeOutputUpdate self.profile.setDevice(device) File "/usr/share/cinnamon/cinnamon-settings/modules/cs_sound.py", line 383, in setDevice profiles = device.get_profiles() ^^^^^^^^^^^^^^^^^^^ AttributeError: 'NoneType' object has no attribute 'get_profiles' Local variables in innermost frame: self: <cs_sound.ProfileSelector object at 0x7fcf53758ec0 (cs_sound+ProfileSelector at 0x55c4ba2e3450)> device: None Potential duplicate: bug 1978806 -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2279218 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 1

[Bug 2276800] New: CVE-2024-32875 hugo: title arguments in Markdown for links and images not escaped in internal render hooks [fedora-all]
by bugzilla＠redhat.com 25 Apr '25

25 Apr '25

https://bugzilla.redhat.com/show_bug.cgi?id=2276800 Bug ID: 2276800 Summary: CVE-2024-32875 hugo: title arguments in Markdown for links and images not escaped in internal render hooks [fedora-all] Product: Fedora Version: 40 Status: NEW Component: hugo Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: athoscribeiro(a)gmail.com Reporter: rkeshri(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: athoscribeiro(a)gmail.com, epel-packagers-sig(a)lists.fedoraproject.org, go-sig(a)lists.fedoraproject.org, neil(a)shrug.pw, quantum.analyst(a)gmail.com, redhat(a)flyn.org Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: http://bugzilla.redhat.com/show_bug.cgi?id=2276799 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2276800 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 5

[Bug 2269647] New: [abrt] cinnamon: g_type_check_instance_is_fundamentally_a(): cinnamon killed by SIGSEGV
by bugzilla＠redhat.com 25 Apr '25

25 Apr '25

https://bugzilla.redhat.com/show_bug.cgi?id=2269647 Bug ID: 2269647 Summary: [abrt] cinnamon: g_type_check_instance_is_fundamentally_a(): cinnamon killed by SIGSEGV Product: Fedora Version: 40 Hardware: x86_64 Status: NEW Whiteboard: abrt_hash:3910e2e3252c8b648322ce8386cf0e2b57ab4b9c;VAR IANT_ID=cinnamon; Component: cinnamon Assignee: leigh123linux(a)googlemail.com Reporter: fabiojlbc1982(a)gmail.com QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, leigh123linux(a)googlemail.com, miketwebster(a)gmail.com, riehecky(a)fnal.gov Target Milestone: --- Classification: Fedora Version-Release number of selected component: cinnamon-6.0.4-5.fc40 Additional info: reporter: libreport-2.17.15 type: CCpp reason: cinnamon killed by SIGSEGV journald_cursor: s=52d7c2eb2897498a9440d49a25feb194;i=31d9;b=2628598754e74631ba5b1ffb889ce96a;m=8cbd502;t=613ab67e8273b;x=b542357ba3e57f7a executable: /usr/bin/cinnamon cmdline: /usr/bin/cinnamon --replace cgroup: 0::/user.slice/user-1000.slice/session-2.scope rootdir: / uid: 1000 kernel: 6.8.0-63.fc40.1.x86_64 package: cinnamon-6.0.4-5.fc40 runlevel: N 5 backtrace_rating: 4 crash_function: g_type_check_instance_is_fundamentally_a Truncated backtrace: Thread no. 1 (18 frames) #0 g_type_check_instance_is_fundamentally_a at ../gobject/gtype.c:4153 #2 _cinnamon_app_remove_window at ../src/cinnamon-app.c:995 #5 signal_emit_unlocked_R.isra.0 at ../gobject/gsignal.c:3879 #6 signal_emit_valist_unlocked at ../gobject/gsignal.c:3511 #9 meta_window_unmanage at ../src/core/window.c:1679 #10 meta_wayland_shell_surface_destroy_window at ../src/wayland/meta-wayland-shell-surface.c:368 #11 xdg_toplevel_destructor.lto_priv at ../src/wayland/meta-wayland-xdg-shell.c:194 #12 destroy_resource at ../src/wayland-server.c:732 #13 wl_resource_destroy at ../src/wayland-server.c:749 #14 ffi_call_unix64 at ../src/x86/unix64.S:104 #15 ffi_call_int at ../src/x86/ffi64.c:673 #16 ffi_call at ../src/x86/ffi64.c:710 #17 wl_closure_invoke at ../src/connection.c:1025 #18 wl_client_connection_data at ../src/wayland-server.c:438 #19 wl_event_loop_dispatch at ../src/event-loop.c:1027 #20 wayland_event_source_dispatch at ../src/wayland/meta-wayland.c:94 #22 g_main_context_dispatch_unlocked at ../glib/gmain.c:4152 #23 g_main_context_iterate_unlocked.isra.0 at ../glib/gmain.c:4217 -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2269647 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 1

2025

2024

2023

2022

2021

Epel-packagers-sig July 2024