[Bug 1508131] New: CVE-2016-5004 xmlrpc: XSS in Content-Encoding HTTP header of xmlrpc [fedora-all]
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1508131
Bug ID: 1508131
Summary: CVE-2016-5004 xmlrpc: XSS in Content-Encoding HTTP
header of xmlrpc [fedora-all]
Product: Fedora
Version: 26
Component: xmlrpc
Keywords: Security, SecurityTracking
Severity: low
Priority: low
Assignee: mizdebsk(a)redhat.com
Reporter: psampaio(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: dbhole(a)redhat.com,
java-sig-commits(a)lists.fedoraproject.org,
krzysztof.daniel(a)gmail.com, mizdebsk(a)redhat.com,
msimacek(a)redhat.com, puntogil(a)libero.it,
sochotni(a)redhat.com
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora. While only
one tracking bug has been filed, please correct all affected versions at
the same time. If you need to fix the versions independent of each other,
you may clone this bug as appropriate.
--
You are receiving this mail because:
You are on the CC list for the bug.
5 years, 5 months
[Bug 1434343] New: CVE-2017-2651 jenkins-mailer-plugin: Emails were sent to addresses not associated with actual users of Jenkins by Mailer Plugin [fedora-all]
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1434343
Bug ID: 1434343
Summary: CVE-2017-2651 jenkins-mailer-plugin: Emails were sent
to addresses not associated with actual users of
Jenkins by Mailer Plugin [fedora-all]
Product: Fedora
Version: 25
Component: jenkins-mailer-plugin
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Assignee: msrb(a)redhat.com
Reporter: amaris(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: java-sig-commits(a)lists.fedoraproject.org,
mizdebsk(a)redhat.com, msimacek(a)redhat.com,
msrb(a)redhat.com
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora. While only
one tracking bug has been filed, please correct all affected versions at
the same time. If you need to fix the versions independent of each other,
you may clone this bug as appropriate.
--
You are receiving this mail because:
You are on the CC list for the bug.
5 years, 5 months
[Bug 1517477] New: Jenkins dependency is missing on Fedora 27
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1517477
Bug ID: 1517477
Summary: Jenkins dependency is missing on Fedora 27
Product: Fedora
Version: 27
Component: jenkins
Assignee: msrb(a)redhat.com
Reporter: psppsn96(a)gmail.com
QA Contact: extras-qa(a)fedoraproject.org
CC: java-sig-commits(a)lists.fedoraproject.org,
mizdebsk(a)redhat.com, msrb(a)redhat.com
Created attachment 1359038
--> https://bugzilla.redhat.com/attachment.cgi?id=1359038&action=edit
jenkins.log
Description of problem:
Upon an upgrade from Fedora 25 to 27 (using dnf-plugin-system-upgrade), Jenkins
no longer returns anything on its web interface.
Version-Release number of selected component (if applicable):
jenkins-1.651.3-6.fc27.noarch
Additional info:
Lines of the log that grab my attention
INFO: NO JSP Support for , did not find org.apache.jasper.servlet.JspServlet
and
Caused by: java.lang.NoSuchMethodError: org.dom4j.io.HTMLWriter.setEnabled(Z)V
--
You are receiving this mail because:
You are on the CC list for the bug.
5 years, 5 months
[Bug 1539175] New: CVE-2018-1051 resteasy: Unsafe unmarshalling in YamlProvider allows code execution [fedora-all]
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1539175
Bug ID: 1539175
Summary: CVE-2018-1051 resteasy: Unsafe unmarshalling in
YamlProvider allows code execution [fedora-all]
Product: Fedora
Version: 27
Component: resteasy
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Assignee: alee(a)redhat.com
Reporter: kseifried(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: alee(a)redhat.com, dchen(a)redhat.com, edewata(a)redhat.com,
java-sig-commits(a)lists.fedoraproject.org,
mgoldman(a)redhat.com, puntogil(a)libero.it,
weli(a)redhat.com
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora. While only
one tracking bug has been filed, please correct all affected versions at
the same time. If you need to fix the versions independent of each other,
you may clone this bug as appropriate.
--
You are receiving this mail because:
You are on the CC list for the bug.
5 years, 5 months
[Bug 1564409] New: CVE-2018-1270 CVE-2018-1272 springframework: various flaws [fedora-all]
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1564409
Bug ID: 1564409
Summary: CVE-2018-1270 CVE-2018-1272 springframework: various
flaws [fedora-all]
Product: Fedora
Version: 27
Component: springframework
Keywords: Security, SecurityTracking
Severity: urgent
Priority: urgent
Assignee: puntogil(a)libero.it
Reporter: anemec(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: dchen(a)redhat.com,
java-sig-commits(a)lists.fedoraproject.org,
lef(a)fedoraproject.org, puntogil(a)libero.it
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora. While only
one tracking bug has been filed, please correct all affected versions at
the same time. If you need to fix the versions independent of each other,
you may clone this bug as appropriate.
--
You are receiving this mail because:
You are on the CC list for the bug.
5 years, 5 months
[Bug 1509193] New: CVE-2017-12625 hive: Information disclosure vulnerability for column masking [fedora-all]
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1509193
Bug ID: 1509193
Summary: CVE-2017-12625 hive: Information disclosure
vulnerability for column masking [fedora-all]
Product: Fedora
Version: 26
Component: hive
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Assignee: pmackinn(a)redhat.com
Reporter: anemec(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: java-sig-commits(a)lists.fedoraproject.org,
me(a)coolsvap.net, moceap(a)hotmail.com,
pmackinn(a)redhat.com
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora. While only
one tracking bug has been filed, please correct all affected versions at
the same time. If you need to fix the versions independent of each other,
you may clone this bug as appropriate.
--
You are receiving this mail because:
You are on the CC list for the bug.
5 years, 5 months