[Bug 1210186] New: plexus-active-collections should be retired
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1210186
Bug ID: 1210186
Summary: plexus-active-collections should be retired
Product: Fedora
Version: rawhide
Component: plexus-active-collections
Assignee: yyang(a)redhat.com
Reporter: mizdebsk(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: java-sig-commits(a)lists.fedoraproject.org,
mizdebsk(a)redhat.com, yyang(a)redhat.com
I believe that plexus-active-collections package should be retired in Fedora
rawhide. Reason: project has been retired upstream. I've checked and nothing
requires or bulid-requires this package.
Package owner: Can you retire the package in f23? Or if you prefer I can retire
it - in this case just orphan the package and let me know and I will retire it
myself.
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=A3oSlUjMY9&a=cc_unsubscribe
7 years, 4 months
[Bug 1257246] New: CVE-2015-6524 activemq: LDAPLoginModule implementation allows wildcard operators in usernames
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1257246
Bug ID: 1257246
Summary: CVE-2015-6524 activemq: LDAPLoginModule implementation
allows wildcard operators in usernames
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: amaris(a)redhat.com
CC: agrimm(a)redhat.com, bleanhar(a)redhat.com,
ccoleman(a)redhat.com, dmcphers(a)redhat.com,
java-sig-commits(a)lists.fedoraproject.org,
jdetiber(a)redhat.com, jialiu(a)redhat.com,
jkeck(a)redhat.com, joelsmith(a)redhat.com,
jokerman(a)redhat.com, kseifried(a)redhat.com,
lmeyer(a)redhat.com, mmccomas(a)redhat.com, s(a)shk.io,
tdawson(a)redhat.com, weli(a)redhat.com
Common Vulnerabilities and Exposures assigned an identifier CVE-2015-6524 to
the following vulnerability:
The LDAPLoginModule implementation the Java Authentication and Authorization
Service (JAAS) in Apache ActiveMQ 5.x before 5.10.1 allows wildcard operators
in usernames, which allows remote attackers to obtain credentials via a brute
force attack.
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=kJ763Ve2az&a=cc_unsubscribe
_______________________________________________
java-sig-commits mailing list
java-sig-commits(a)lists.fedoraproject.org
http://lists.fedoraproject.org/postorius/java-sig-commits@lists.fedorapro...
7 years, 6 months