November 2017 - java-sig-commits - Fedora Mailing-Lists

[Bug 1508795] New: okio-1.13.0 is available

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1508795 Bug ID: 1508795 Summary: okio-1.13.0 is available Product: Fedora Version: rawhide Component: okio Assignee: mizdebsk(a)redhat.com Reporter: mgansser(a)online.de QA Contact: extras-qa(a)fedoraproject.org CC: gerard(a)ryan.lt, java-sig-commits(a)lists.fedoraproject.org, mizdebsk(a)redhat.com, msimacek(a)redhat.com I got it compiled with this two lines in the prep section: # remove missing additional dependencies for the compiler plugin %pom_xpath_remove 'pom:plugin[pom:artifactId="maven-compiler-plugin"]//pom:compilerId' %pom_xpath_remove 'pom:plugin[pom:artifactId="maven-compiler-plugin"]//pom:dependencies' -- You are receiving this mail because: You are on the CC list for the bug.

6 years, 5 months

1
1
0 / 0

[Bug 1508110] CVE-2016-5002 xmlrpc: XML external entity vulnerability SSRF via a crafted DTD

by bugzilla＠redhat.com

6 years, 5 months

1
0
0 / 0

[Bug 1506612] CVE-2017-15095 jackson-databind: Unsafe deserialization due to incomplete black list ( incomplete fix for CVE-2017-7525)

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1506612 Doran Moppert <dmoppert(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Depends On| |1508703 --- Comment #11 from Doran Moppert <dmoppert(a)redhat.com> --- Created jackson-databind tracking bugs for this issue: Affects: fedora-all [bug 1508703] Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1508703 [Bug 1508703] CVE-2017-15095 jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) [fedora-all] -- You are receiving this mail because: You are on the CC list for the bug.

6 years, 5 months

1
0
0 / 0

[Bug 1506612] CVE-2017-15095 jackson-databind: Unsafe deserialization due to incomplete black list ( incomplete fix for CVE-2017-7525)

by bugzilla＠redhat.com

6 years, 5 months

1
0
0 / 0

[Bug 1508110] CVE-2016-5002 xmlrpc: XML external entity vulnerability SSRF via a crafted DTD

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1508110 Andrej Nemec <anemec(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |1508328 -- You are receiving this mail because: You are on the CC list for the bug.

6 years, 5 months

1
0
0 / 0

[Bug 1404645] New: CVE-2016-681 activemq: Cross-site scripting in web based administration console

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1404645 Bug ID: 1404645 Summary: CVE-2016-681 activemq: Cross-site scripting in web based administration console Product: Security Response Component: vulnerability Keywords: Security Severity: medium Priority: medium Assignee: security-response-team(a)redhat.com Reporter: amaris(a)redhat.com CC: abhgupta(a)redhat.com, agrimm(a)gmail.com, aileenc(a)redhat.com, ccoleman(a)redhat.com, chazlett(a)redhat.com, dedgar(a)redhat.com, dmcphers(a)redhat.com, gvarsami(a)redhat.com, java-sig-commits(a)lists.fedoraproject.org, jcoleman(a)redhat.com, jgoulding(a)redhat.com, jialiu(a)redhat.com, joelsmith(a)redhat.com, jokerman(a)redhat.com, kconner(a)redhat.com, kseifried(a)redhat.com, ldimaggi(a)redhat.com, lmeyer(a)redhat.com, mmccomas(a)redhat.com, nwallace(a)redhat.com, pavelp(a)redhat.com, puntogil(a)libero.it, rwagner(a)redhat.com, soa-p-jira(a)post-office.corp.redhat.com, s(a)shk.io, tcunning(a)redhat.com, tdawson(a)redhat.com, tiwillia(a)redhat.com, tkirby(a)redhat.com An instance of a cross-site scripting vulnerability was identified to be present in the web based administration console. The root cause of this issue is improper user data output validation. Affected versions: ActiveMQ 5.0.0 - 5.14.1 External Reference: http://activemq.apache.org/security-advisories.data/CVE-2016-6810-announc... -- You are receiving this mail because: You are on the CC list for the bug.

6 years, 5 months

2
10
0 / 0

[Bug 1501529] CVE-2017-12629 Solr: Code execution via entity expansion

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1501529 Bug 1501529 depends on bug 1501838, which changed state. Bug 1501838 Summary: CVE-2017-12629 lucene: Solr: Code execution via entity expansion [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1501838 What |Removed |Added ---------------------------------------------------------------------------- Status|ON_QA |CLOSED Resolution|--- |ERRATA -- You are receiving this mail because: You are on the CC list for the bug.

6 years, 5 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

java-sig-commits November 2017