July 2015 - java-sig-commits - Fedora Mailing-Lists

[Bug 1242389] New: castor-maven-plugin-2.5 is available

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1242389 Bug ID: 1242389 Summary: castor-maven-plugin-2.5 is available Product: Fedora Version: rawhide Component: castor-maven-plugin Assignee: mat.booth(a)redhat.com Reporter: puntogil(a)libero.it QA Contact: extras-qa(a)fedoraproject.org CC: java-sig-commits(a)lists.fedoraproject.org, mat.booth(a)redhat.com Latest upstream release: 2.5 Current version/release in rawhide: 2.1-5.fc23 URL: https://github.com/mojohaus/castor-maven-plugin/tags NOTE: new home http://www.mojohaus.org/castor-maven-plugin/ please, fix Url field -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=q5nNmH5koA&a=cc_unsubscribe

8 years, 9 months

1
4
0 / 0

[Bug 1239991] New: scalaz: FTBFS in rawhide

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1239991 Bug ID: 1239991 Summary: scalaz: FTBFS in rawhide Product: Fedora Version: rawhide Component: scalaz Assignee: willb(a)redhat.com Reporter: dennis(a)ausil.us QA Contact: extras-qa(a)fedoraproject.org CC: java-sig-commits(a)lists.fedoraproject.org, willb(a)redhat.com Blocks: 1239338 (F23FTBFS) Your package scalaz failed to build from source in current rawhide. http://koji.fedoraproject.org/koji/taskinfo?taskID=10152455 For details on mass rebuild see https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1239338 [Bug 1239338] Fedora 23 Mass Rebuild FTBFS Tracker -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=j50h5cYkzw&a=cc_unsubscribe

8 years, 9 months

1
7
0 / 0

[Bug 1239619] New: json4s: FTBFS in rawhide

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1239619 Bug ID: 1239619 Summary: json4s: FTBFS in rawhide Product: Fedora Version: rawhide Component: json4s Assignee: willb(a)redhat.com Reporter: dennis(a)ausil.us QA Contact: extras-qa(a)fedoraproject.org CC: java-sig-commits(a)lists.fedoraproject.org, willb(a)redhat.com Blocks: 1239338 (F23FTBFS) Your package json4s failed to build from source in current rawhide. http://koji.fedoraproject.org/koji/taskinfo?taskID=10100127 For details on mass rebuild see https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1239338 [Bug 1239338] Fedora 23 Mass Rebuild FTBFS Tracker -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=IZdVvhN1MN&a=cc_unsubscribe

8 years, 9 months

1
6
0 / 0

[Bug 1239362] New: activemq: FTBFS in rawhide

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1239362 Bug ID: 1239362 Summary: activemq: FTBFS in rawhide Product: Fedora Version: rawhide Component: activemq Assignee: s(a)shk.io Reporter: dennis(a)ausil.us QA Contact: extras-qa(a)fedoraproject.org CC: agrimm(a)redhat.com, java-sig-commits(a)lists.fedoraproject.org, s(a)shk.io, tdawson(a)redhat.com Blocks: 1239338 (F23FTBFS) Your package activemq failed to build from source in current rawhide. http://koji.fedoraproject.org/koji/taskinfo?taskID=10076821 For details on mass rebuild see https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1239338 [Bug 1239338] Fedora 23 Mass Rebuild FTBFS Tracker -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=aTRM0mtNYB&a=cc_unsubscribe

8 years, 9 months

1
7
0 / 0

[Bug 1239633] New: kryo-serializers: FTBFS in rawhide

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1239633 Bug ID: 1239633 Summary: kryo-serializers: FTBFS in rawhide Product: Fedora Version: rawhide Component: kryo-serializers Assignee: tstclair(a)redhat.com Reporter: dennis(a)ausil.us QA Contact: extras-qa(a)fedoraproject.org CC: java-sig-commits(a)lists.fedoraproject.org, tstclair(a)redhat.com Blocks: 1239338 (F23FTBFS) Your package kryo-serializers failed to build from source in current rawhide. http://koji.fedoraproject.org/koji/taskinfo?taskID=10102349 For details on mass rebuild see https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1239338 [Bug 1239338] Fedora 23 Mass Rebuild FTBFS Tracker -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=KTMvFsM43q&a=cc_unsubscribe

8 years, 9 months

1
5
0 / 0

Packaging for RHEL/EPEL 6 and 7?

by Dave Johansen

I would like to package Jenkins for RHEL/EPEL 6 and 7. Is there a current or recent version from Fedora that would be a good starting point? Any other advice? Thanks, Dave

8 years, 9 months

2
6
0 / 0

[Bug 1230761] New: CVE-2015-4165 elasticsearch: unspecified arbitrary files modification vulnerability

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1230761 Bug ID: 1230761 Summary: CVE-2015-4165 elasticsearch: unspecified arbitrary files modification vulnerability Product: Security Response Component: vulnerability Keywords: Security Severity: high Priority: high Assignee: security-response-team(a)redhat.com Reporter: vkaigoro(a)redhat.com CC: bkabrda(a)redhat.com, bkearney(a)redhat.com, bobjensen(a)gmail.com, cbillett(a)redhat.com, cpelland(a)redhat.com, cperry(a)redhat.com, java-sig-commits(a)lists.fedoraproject.org, jvanek(a)redhat.com, katello-bugs(a)redhat.com, kseifried(a)redhat.com, mmccune(a)redhat.com, ohadlevy(a)redhat.com, pbrobinson(a)gmail.com, tjay(a)redhat.com, tomckay(a)redhat.com, zbyszek(a)in.waw.pl All Elasticsearch versions from 1.0.0 to 1.5.2 are vulnerable to an attack that uses Elasticsearch to modify files read and executed by certain other applications. Upstream bug/commit unknown at the time of writing. Mitigation: =========== Users should upgrade to 1.6.0. Alternately, ensure that other applications are not present on the system, or that Elasticsearch cannot write into areas where these applications would read. External References: https://www.elastic.co/community/security/ -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=H4BjU1KRX1&a=cc_unsubscribe

8 years, 9 months

1
12
0 / 0

[Bug 1230765] New: CVE-2015-4165 elasticsearch: unspecified arbitrary files modification vulnerability [fedora-all]

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1230765 Bug ID: 1230765 Summary: CVE-2015-4165 elasticsearch: unspecified arbitrary files modification vulnerability [fedora-all] Product: Fedora Version: 22 Component: elasticsearch Keywords: Security, SecurityTracking Severity: high Priority: high Assignee: jvanek(a)redhat.com Reporter: vkaigoro(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: bkabrda(a)redhat.com, bobjensen(a)gmail.com, java-sig-commits(a)lists.fedoraproject.org, jvanek(a)redhat.com, pbrobinson(a)gmail.com, zbyszek(a)in.waw.pl Blocks: 1230761 (CVE-2015-4165) This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of Fedora. For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When submitting as an update, use the fedpkg template provided in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs. Please also mention the CVE IDs being fixed in the RPM changelog and the fedpkg commit message. NOTE: this issue affects multiple supported versions of Fedora. While only one tracking bug has been filed, please correct all affected versions at the same time. If you need to fix the versions independent of each other, you may clone this bug as appropriate. [bug automatically created by: add-tracking-bugs] Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1230761 [Bug 1230761] CVE-2015-4165 elasticsearch: unspecified arbitrary files modification vulnerability -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=PfCHFlzQOT&a=cc_unsubscribe

8 years, 9 months

1
7
0 / 0

[Bug 1244238] New: CVE-2015-5531 elasticsearch: directory traversal attack

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1244238 Bug ID: 1244238 Summary: CVE-2015-5531 elasticsearch: directory traversal attack Product: Security Response Component: vulnerability Keywords: Security Severity: medium Priority: medium Assignee: security-response-team(a)redhat.com Reporter: vkaigoro(a)redhat.com CC: bkabrda(a)redhat.com, bkearney(a)redhat.com, bobjensen(a)gmail.com, cbillett(a)redhat.com, cpelland(a)redhat.com, cperry(a)redhat.com, java-sig-commits(a)lists.fedoraproject.org, jvanek(a)redhat.com, katello-bugs(a)redhat.com, kseifried(a)redhat.com, mmccune(a)redhat.com, ohadlevy(a)redhat.com, pbrobinson(a)gmail.com, tjay(a)redhat.com, tomckay(a)redhat.com, zbyszek(a)in.waw.pl It was reported that Elasticsearch versions from 1.0.0 to 1.6.0 are vulnerable to a directory traversal attack. Mitigation: Constrain access to the snapshot API to trusted sources. Statement: This issue did not affecte versions of elasticsearch as shipped with Red Hat Satellite 6 and Subscription Asset Manager 1. -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=6qCGPbSGgj&a=cc_unsubscribe

8 years, 9 months

1
9
0 / 0

[Bug 1244236] New: CVE-2015-5377 elasticsearch: unspecified remote code execution vulnerability

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1244236 Bug ID: 1244236 Summary: CVE-2015-5377 elasticsearch: unspecified remote code execution vulnerability Product: Security Response Component: vulnerability Keywords: Security Severity: high Priority: high Assignee: security-response-team(a)redhat.com Reporter: vkaigoro(a)redhat.com CC: bkabrda(a)redhat.com, bkearney(a)redhat.com, bobjensen(a)gmail.com, cbillett(a)redhat.com, cpelland(a)redhat.com, cperry(a)redhat.com, java-sig-commits(a)lists.fedoraproject.org, jvanek(a)redhat.com, katello-bugs(a)redhat.com, kseifried(a)redhat.com, mmccune(a)redhat.com, ohadlevy(a)redhat.com, pbrobinson(a)gmail.com, tjay(a)redhat.com, tomckay(a)redhat.com, zbyszek(a)in.waw.pl It was reported that Elasticsearch versions prior to 1.6.1 are vulnerable to an unspecified attack, leading to remote code execution. Upstream fix is not known at the time of writing. -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=JKu9hWgakf&a=cc_unsubscribe

8 years, 9 months

1
8
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

java-sig-commits July 2015