[Bug 830786] New: maven-ant-tasks has missing runtime dependency on maven-error-diagnostics
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=830786
Bug ID: 830786
QA Contact: extras-qa(a)fedoraproject.org
Severity: unspecified
Version: 17
Priority: unspecified
CC: java-sig-commits(a)lists.fedoraproject.org,
orion(a)cora.nwra.com
Assignee: orion(a)cora.nwra.com
Summary: maven-ant-tasks has missing runtime dependency on
maven-error-diagnostics
Regression: ---
Story Points: ---
Classification: Fedora
OS: Unspecified
Reporter: michel+fdr(a)sylvestre.me
Type: Bug
Documentation: ---
Hardware: Unspecified
Mount Type: ---
Status: NEW
Component: maven-ant-tasks
Product: Fedora
Description of problem:
Attempting to build software that depends on maven-ant-tasks using mvn-rpmbuild
fails unless I add an explicit BR on maven-error-diagnostics; this is listed in
maven-ant-tasks' POM file as a dependency but the RPM does not depend on it.
Version-Release number of selected component (if applicable):
maven-ant-tasks-2.1.1-9.fc17
How reproducible:
Always
Steps to Reproduce:
1. Download Leiningen SRPM (bug #830784) and its dependencies still being
reviewed
2. Edit spec, disable BR on maven-error-diagnostics
3. Attempt to rebuild
Actual results:
Build fails - maven-ant-tasks requires in maven-error-diagnostics but its RPM
does not depend on it
Expected results:
Build succeeds
Additional info:
--
You are receiving this mail because:
You are on the CC list for the bug.
11 years, 1 month
[Bug 889395] New: Tomcat adds colon to the beginning of the classpath; problem with automount
by Red Hat Bugzilla
Product: Fedora
https://bugzilla.redhat.com/show_bug.cgi?id=889395
Bug ID: 889395
Summary: Tomcat adds colon to the beginning of the classpath;
problem with automount
Product: Fedora
Version: 17
Component: tomcat
Severity: unspecified
Priority: unspecified
Reporter: andreasg123(a)gmail.com
Description of problem:
Tomcat creates a classpath starting with ":". At least java-1.6.0-openjdk and
java-1.7.0-openjdk interpret that as having "." in the classpath. Also, the
tomcat service starts in the directory "/". Thus, any class from a package
starting with "net." first checks in the automount directory, causing long
delays due to DNS lookup of a non-existing host.
Version-Release number of selected component (if applicable):
tomcat-7.0.33-2.fc17.noarch
How reproducible:
Always
Steps to Reproduce:
1. Configure automount "-hosts" for the /net directory.
2. Use a Java class net.*
3. Access it from Tomcat
Actual results:
A long delay whenever that class is accessed.
Expected results:
Do not include the current directory ("/") in the classpath.
Additional info:
The problem is in /usr/sbin/tomcat:
# CLASSPATH munging
if [ -n "$JSSE_HOME" ]; then
CLASSPATH="${CLASSPATH}:$(build-classpath jcert jnet jsse 2>/dev/null)"
fi
CLASSPATH="${CLASSPATH}:${CATALINA_HOME}/bin/bootstrap.jar"
The Apache distribution for Tomcat handles that better in the file catalina.sh:
# Add on extra jar files to CLASSPATH
if [ ! -z "$CLASSPATH" ] ; then
CLASSPATH="$CLASSPATH":
fi
CLASSPATH="$CLASSPATH""$CATALINA_HOME"/bin/bootstrap.jar
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=FBpUBDbv8h&a=cc_unsubscribe
11 years, 1 month
[Bug 883676] New: CVE-2012-4431 Tomcat/JBoss Web - Bypass of CSRF prevention filter [fedora-all]
by Red Hat Bugzilla
Product: Fedora
https://bugzilla.redhat.com/show_bug.cgi?id=883676
Bug ID: 883676
Summary: CVE-2012-4431 Tomcat/JBoss Web - Bypass of CSRF
prevention filter [fedora-all]
Product: Fedora
Version: 17
Component: tomcat
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Reporter: aneelica(a)redhat.com
Blocks: 883636 (CVE-2012-4431)
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please use the bodhi submission link
noted in the next comment(s). This will include the bug IDs of this
tracking bug as well as the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
Bodhi notes field when available.
Please note: this issue affects multiple supported versions of Fedora.
Only one tracking bug has been filed; please ensure that it is only closed
when all affected versions are fixed.
[bug automatically created by: add-tracking-bugs]
--
You are receiving this mail because:
You are on the CC list for the bug.
11 years, 1 month