January 2016 - java-sig-commits - Fedora Mailing-Lists

[Bug 958727] New: plexus-utils: XMLWriterUtil should guard against problematic comments

by Red Hat Bugzilla

Product: Fedora https://bugzilla.redhat.com/show_bug.cgi?id=958727 Bug ID: 958727 Summary: plexus-utils: XMLWriterUtil should guard against problematic comments Product: Fedora Version: rawhide Component: plexus-utils Severity: unspecified Priority: unspecified Assignee: fnasser(a)redhat.com Reporter: fweimer(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: fnasser(a)redhat.com, java-sig-commits(a)lists.fedoraproject.org, mizdebsk(a)redhat.com Blocks: 958220 Category: --- org.codehaus.plexus.util.xml#writeComment(XMLWriter, String, int, int, int) does not check if the comment includes a "-->" sequence. This means that text contained in the command string could be interpreted as XML, possibly leading to XML injection issues, depending on how this method is being called. -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=N5myzkUcYQ&a=cc_unsubscribe

8 years

1
6
0 / 0

[Bug 958221] New: plexus-utils: directory traversal in org.codehaus.plexus.util.Expand

by Red Hat Bugzilla

Product: Fedora https://bugzilla.redhat.com/show_bug.cgi?id=958221 Bug ID: 958221 Summary: plexus-utils: directory traversal in org.codehaus.plexus.util.Expand Product: Fedora Version: rawhide Component: plexus-utils Severity: unspecified Priority: unspecified Assignee: fnasser(a)redhat.com Reporter: fweimer(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: fnasser(a)redhat.com, java-sig-commits(a)lists.fedoraproject.org, mizdebsk(a)redhat.com Blocks: 958220 Category: --- org.codehaus.plexus.util.Expand does not guard against directory traversal, but such protection is generally expected from unarchiving tools. I think the class should just be deprecated and removed because there do not appear to be any users left (not even a test case). -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=hp1lhU9LQd&a=cc_unsubscribe

8 years

1
5
0 / 0

[Bug 1286800] New: Failed to start component due to wrong allowLinking="true" in context.xml

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1286800 Bug ID: 1286800 Summary: Failed to start component due to wrong allowLinking="true" in context.xml Product: Fedora Version: 23 Component: tomcat Severity: low Assignee: ivan.afonichev(a)gmail.com Reporter: wolf(a)parallels.com QA Contact: extras-qa(a)fedoraproject.org CC: alee(a)redhat.com, csutherl(a)redhat.com, ivan.afonichev(a)gmail.com, java-sig-commits(a)lists.fedoraproject.org, krzysztof.daniel(a)gmail.com, me(a)coolsvap.net Description of problem: Failed to start component due to wrong allowLinking="true" in context.xml Version-Release number of selected component (if applicable): tomcat-webapps-8.0.26-1.fc23.noarch How reproducible: 100% Steps to Reproduce: 1. Try to open tomcat example 2. It fails Actual results: In tomcat logs: --- 30-Nov-2015 15:03:45.958 WARNING [localhost-startStop-1] org.apache.catalina.startup.SetContextPropertiesRule.begin SetContextPropertiesRule]{Context} Setting property 'allowLinking' to 'true' did not find a matching property. 30-Nov-2015 15:03:45.992 SEVERE [localhost-startStop-1] org.apache.catalina.core.ContainerBase.addChildInternal ContainerBase.addChild: start: org.apache.catalina.LifecycleException: Failed to start component StandardEngine[Catalina].StandardHost[localhost].StandardContext[/examples]] --- Expected results: No failures Additional info: As described here: https://tomcat.apache.org/migration-8.html#Web_application_resources the /var/lib/tomcat/webapps/examples/META-INF/context.xml should contain <Context> <Resources allowLinking="true" /> </Context> instead of <Context allowLinking="true"/> -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=DGimPgIyUm&a=cc_unsubscribe

8 years

1
5
0 / 0

[Bug 1243132] New: Recommend tomcat-native

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1243132 Bug ID: 1243132 Summary: Recommend tomcat-native Product: Fedora Version: rawhide Component: tomcat Assignee: ivan.afonichev(a)gmail.com Reporter: ville.skytta(a)iki.fi QA Contact: extras-qa(a)fedoraproject.org CC: alee(a)redhat.com, ivan.afonichev(a)gmail.com, java-sig-commits(a)lists.fedoraproject.org, krzysztof.daniel(a)gmail.com, me(a)coolsvap.net Per https://fedoraproject.org/wiki/Packaging:WeakDependencies I think Recommends is fine for this, but if you want to go softer, Suggests works for that. 'git am'able fix attached, let me know if you'd like me to push and build this for devel. -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=OxZiNHjLDA&a=cc_unsubscribe

8 years

1
5
0 / 0

[Bug 1294483] New: checkstyle-6.14 is available

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1294483 Bug ID: 1294483 Summary: checkstyle-6.14 is available Product: Fedora Version: rawhide Component: checkstyle Keywords: FutureFeature, Triaged Assignee: mizdebsk(a)redhat.com Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: dbhole(a)redhat.com, java-sig-commits(a)lists.fedoraproject.org, mizdebsk(a)redhat.com, msimacek(a)redhat.com, msrb(a)redhat.com Latest upstream release: 6.14 Current version/release in rawhide: 6.13-1.fc24 URL: http://sourceforge.net/projects/checkstyle Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=qQOhHvyksf&a=cc_unsubscribe

8 years

1
11
0 / 0

[Bug 1297240] New: maven-shade-plugin-2.4.3 is available

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1297240 Bug ID: 1297240 Summary: maven-shade-plugin-2.4.3 is available Product: Fedora Version: rawhide Component: maven-shade-plugin Keywords: FutureFeature, Triaged Assignee: mizdebsk(a)redhat.com Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: jaromir.capik(a)email.cz, java-sig-commits(a)lists.fedoraproject.org, mizdebsk(a)redhat.com, msimacek(a)redhat.com, msrb(a)redhat.com Latest upstream release: 2.4.3 Current version/release in rawhide: 2.4.2-1.fc24 URL: http://repo2.maven.org/maven2/org/apache/maven/plugins/maven-shade-plugin/ Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=bCe9Op6tOj&a=cc_unsubscribe

8 years

1
5
0 / 0

[Bug 1287384] New: xbean-4.5 is available

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1287384 Bug ID: 1287384 Summary: xbean-4.5 is available Product: Fedora Version: rawhide Component: xbean Keywords: FutureFeature, Triaged Assignee: mizdebsk(a)redhat.com Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: java-sig-commits(a)lists.fedoraproject.org, krzysztof.daniel(a)gmail.com, mizdebsk(a)redhat.com, msimacek(a)redhat.com, msrb(a)redhat.com Latest upstream release: 4.5 Current version/release in rawhide: 4.4-1.fc24 URL: http://repo2.maven.org/maven2/org/apache/xbean/xbean/ Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=QKeKr8cZDz&a=cc_unsubscribe

8 years

1
11
0 / 0

[Bug 1262238] New: gradle: Add manual page

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1262238 Bug ID: 1262238 Summary: gradle: Add manual page Product: Fedora Version: rawhide Component: gradle Keywords: FutureFeature Assignee: mizdebsk(a)redhat.com Reporter: mizdebsk(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: java-sig-commits(a)lists.fedoraproject.org, mgoldman(a)redhat.com, mizdebsk(a)redhat.com, msimacek(a)redhat.com, mspaulding06(a)gmail.com, msrb(a)redhat.com It would be good to add manpage for gradle command. -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=h9YtqUmhDG&a=cc_unsubscribe _______________________________________________ java-sig-commits mailing list java-sig-commits(a)lists.fedoraproject.org http://lists.fedoraproject.org/postorius/java-sig-commits@lists.fedorapro...

8 years

1
1
0 / 0

[Bug 1283736] New: nosync i686 can not be installed on from x86_64 system

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1283736 Bug ID: 1283736 Summary: nosync i686 can not be installed on from x86_64 system Product: Fedora Version: 22 Component: nosync Assignee: mizdebsk(a)redhat.com Reporter: hobbes1069(a)gmail.com QA Contact: extras-qa(a)fedoraproject.org CC: java-sig-commits(a)lists.fedoraproject.org, mizdebsk(a)redhat.com, msimacek(a)redhat.com, msrb(a)redhat.com Description of problem: When trying to upgrade from f21 to f22 I had to remove nosync.i686 before system-upgrade would complete. After the upgrade finished I attempted a: dnf install nosync.i686 but no package was found. Version-Release number of selected component (if applicable): nosync-1.0-2.fc22.i686 Additional info: It seems that the i686 package is not available in the x86_64 repository for some reason. I was able to install the i686 build from koji that matches the NVR of x86_64. -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=UCUZ7p57It&a=cc_unsubscribe

8 years

1
5
0 / 0

[Bug 1193307] New: tomcat: do not provide javax.el:el-api

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1193307 Bug ID: 1193307 Summary: tomcat: do not provide javax.el:el-api Product: Fedora Version: 22 Component: tomcat Assignee: ivan.afonichev(a)gmail.com Reporter: msrb(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: ivan.afonichev(a)gmail.com, java-sig-commits(a)lists.fedoraproject.org, krzysztof.daniel(a)gmail.com Description of problem: tomcat currently provides, among others, mvn(javax.el:el-api). The problem is that the glassfish-el-api provides it as well. This causes other packages fail to build, if both tomcat and glassfish-el-api happen to be in the buildroot. I think that glassfish-el-api should be the one providing javax.el:el-api, as it is a reference implementation of EL. Java packaging guidelines should be updated as well. Version-Release number of selected component (if applicable): tomcat-8.0.18-1.fc23 -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=kgtemPVawE&a=cc_unsubscribe

8 years, 1 month

1
2
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

java-sig-commits January 2016