[Bug 1532123] CVE-2017-17837 deltaspike: Apache DeltaSpike: XSS injection vulnerability in windowId handling [fedora-all]
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1532123
--- Comment #1 from Sam Fowler <sfowler(a)redhat.com> ---
Use the following template to for the 'fedpkg update' request to submit an
update for this issue as it contains the top-level parent bug(s) as well as
this tracking bug. This will ensure that all associated bugs get updated
when new packages are pushed to stable.
=====
# bugfix, security, enhancement, newpackage (required)
type=security
# testing, stable
request=testing
# Bug numbers: 1234,9876
bugs=1532122,1532123
# Description of your update
notes=Security fix for [PUT CVEs HERE]
# Enable request automation based on the stable/unstable karma thresholds
autokarma=True
stable_karma=3
unstable_karma=-3
# Automatically close bugs when this marked as stable
close_bugs=True
# Suggest that users restart after update
suggest_reboot=False
======
Additionally, you may opt to use the bodhi web interface to submit updates:
https://bodhi.fedoraproject.org/updates/new
--
You are receiving this mail because:
You are on the CC list for the bug.
6 years, 4 months
[Bug 1529820] New: xz-java-1.7 is available
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1529820
Bug ID: 1529820
Summary: xz-java-1.7 is available
Product: Fedora
Version: rawhide
Component: xz-java
Keywords: FutureFeature, Triaged
Assignee: mizdebsk(a)redhat.com
Reporter: upstream-release-monitoring(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: java-sig-commits(a)lists.fedoraproject.org,
krzysztof.daniel(a)gmail.com, mizdebsk(a)redhat.com,
msimacek(a)redhat.com
Latest upstream release: 1.7
Current version/release in rawhide: 1.6-5.fc28
URL: http://tukaani.org/xz/java.html
Please consult the package updates policy before you issue an update to a
stable branch: https://fedoraproject.org/wiki/Updates_Policy
More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring
Please keep in mind that with any upstream change, there may also be packaging
changes that need to be made. Specifically, please remember that it is your
responsibility to review the new version to ensure that the licensing is still
correct and that no non-free or legally problematic items have been added
upstream.
Based on the information from anitya:
https://release-monitoring.org/project/5278/
--
You are receiving this mail because:
You are on the CC list for the bug.
6 years, 4 months
[Bug 1516043] New: Fedora 27 upgrade fails 100%: xmvn-launcher and aether-ant-tasks dependency problems
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1516043
Bug ID: 1516043
Summary: Fedora 27 upgrade fails 100%: xmvn-launcher and
aether-ant-tasks dependency problems
Product: Fedora
Version: 27
Component: xmvn
Severity: high
Assignee: mizdebsk(a)redhat.com
Reporter: gasserles(a)gmail.com
QA Contact: extras-qa(a)fedoraproject.org
CC: java-sig-commits(a)lists.fedoraproject.org,
mat.booth(a)redhat.com, mizdebsk(a)redhat.com,
msimacek(a)redhat.com, msrb(a)redhat.com
Description of problem: Can't upgrade to Fedora 27: xmvn-launcher can't be
found/installed. I'm trying to upgrade
from a working Fedora 26 to Fedora 27 following instructions on this page:
https://fedoraproject.org/wiki/DNF_system_upgrade
Version-Release number of selected component (if applicable):
xmvn-launcher-2.5.0-21.fc26.noarch (?)
aether-ant-tasks-1:1.0.1-6.fc26.noarch (?)
How reproducible:
Use "sudo dnf system-upgrade download --refresh --releasever=27" - fails
every time. see below.
Steps to Reproduce:
sudo dnf system-upgrade download --refresh --releasever=27
Actual results:
[this-user: ~]$ sudo dnf upgrade --refresh (also tried "dnf --refresh upgrade"
per below; same result)
[sudo] password for this-user:
Last metadata expiration check: 0:00:00 ago on Tue Nov 21 15:22:19 2017.
Dependencies resolved.
Nothing to do.
Complete!
[this-user: ~]$ sudo dnf system-upgrade download --refresh --releasever=27
Before you continue ensure that your system is fully upgraded by running "dnf
--refresh upgrade". Do you want to continue [y/N]: y
Last metadata expiration check: 0:00:00 ago on Tue Nov 21 15:22:59 2017.
Error:
Problem: package aether-ant-tasks-1:1.0.1-6.fc26.noarch requires
xmvn-launcher, but none of the providers can be installed
- xmvn-launcher-2.5.0-21.fc26.noarch does not belong to a distupgrade
repository
- problem with installed package aether-ant-tasks-1:1.0.1-6.fc26.noarch
[this-user: ~]$
--
You are receiving this mail because:
You are on the CC list for the bug.
6 years, 4 months