[Bug 1673856] New: tomcat-9.0.16 is available
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1673856
Bug ID: 1673856
Summary: tomcat-9.0.16 is available
Product: Fedora
Version: rawhide
Status: NEW
Component: tomcat
Keywords: FutureFeature, Triaged
Assignee: ivan.afonichev(a)gmail.com
Reporter: upstream-release-monitoring(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: alee(a)redhat.com, coolsvap(a)gmail.com,
csutherl(a)redhat.com, ivan.afonichev(a)gmail.com,
java-sig-commits(a)lists.fedoraproject.org,
krzysztof.daniel(a)gmail.com
Target Milestone: ---
Classification: Fedora
Latest upstream release: 9.0.16
Current version/release in rawhide: 9.0.13-1.fc30
URL: http://tomcat.apache.org/
Please consult the package updates policy before you issue an update to a
stable branch: https://fedoraproject.org/wiki/Updates_Policy
More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring
Please keep in mind that with any upstream change, there may also be packaging
changes that need to be made. Specifically, please remember that it is your
responsibility to review the new version to ensure that the licensing is still
correct and that no non-free or legally problematic items have been added
upstream.
Based on the information from anitya:
https://release-monitoring.org/project/17032/
--
You are receiving this mail because:
You are on the CC list for the bug.
4 years, 9 months
[Bug 1693326] New: CVE-2019-0199 tomcat: Apache Tomcat HTTP/2 DoS [fedora-all]
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1693326
Bug ID: 1693326
Summary: CVE-2019-0199 tomcat: Apache Tomcat HTTP/2 DoS
[fedora-all]
Product: Fedora
Version: 29
Status: NEW
Component: tomcat
Keywords: Security, SecurityTracking
Severity: high
Priority: high
Assignee: ivan.afonichev(a)gmail.com
Reporter: lpardo(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: alee(a)redhat.com, coolsvap(a)gmail.com,
csutherl(a)redhat.com, ivan.afonichev(a)gmail.com,
java-sig-commits(a)lists.fedoraproject.org,
krzysztof.daniel(a)gmail.com
Target Milestone: ---
Classification: Fedora
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora. While only
one tracking bug has been filed, please correct all affected versions at
the same time. If you need to fix the versions independent of each other,
you may clone this bug as appropriate.
--
You are receiving this mail because:
You are on the CC list for the bug.
4 years, 9 months
[Bug 1664730] New: CVE-2018-20433 c3p0: XML external entity processing in extractXmlConfigFromInputStream [fedora-all]
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1664730
Bug ID: 1664730
Summary: CVE-2018-20433 c3p0: XML external entity processing in
extractXmlConfigFromInputStream [fedora-all]
Product: Fedora
Version: 29
Status: NEW
Component: c3p0
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Assignee: mat.booth(a)redhat.com
Reporter: anemec(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: dingyichen(a)gmail.com,
java-sig-commits(a)lists.fedoraproject.org,
lef(a)fedoraproject.org, mat.booth(a)redhat.com
Target Milestone: ---
Classification: Fedora
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora. While only
one tracking bug has been filed, please correct all affected versions at
the same time. If you need to fix the versions independent of each other,
you may clone this bug as appropriate.
--
You are receiving this mail because:
You are on the CC list for the bug.
4 years, 11 months
[Bug 1684677] New: hamcrest fails to install
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1684677
Bug ID: 1684677
Summary: hamcrest fails to install
Product: Fedora
Version: rawhide
Status: NEW
Component: hamcrest
Assignee: dwalluck(a)redhat.com
Reporter: ascheel(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: akurtako(a)redhat.com, dwalluck(a)redhat.com,
java-sig-commits(a)lists.fedoraproject.org,
jerboaa(a)gmail.com, mizdebsk(a)redhat.com
Target Milestone: ---
Classification: Fedora
Description of problem:
Under Rawhide,
> # dnf install -y hamcrest
Will fail due to a broken package:
> Last metadata expiration check: 0:06:16 ago on Fri 01 Mar 2019 03:33:40 PM EST.
> Error:
> Problem: package hamcrest-1.3-25.fc30.noarch requires hamcrest-core = 1.3-25.fc30, but none of the providers can be installed
> - conflicting requests
> - package hamcrest-core-1.3-25.fc30.noarch is excluded
> (try to add '--skip-broken' to skip uninstallable packages)
In particular, hamcrest @ 1.3-25 depends on hamcrest-core = 1.3-25, but only
hamcrest-core = 1.3-23.module_2512+68251d4e can be provided (from the ant
module).
Version-Release number of selected component (if applicable):
hamcrest @ 1.3-25.fc30
hamcrest-core @ 1.3-23.module_2512+68251d4e
How reproducible:
Very
Steps to Reproduce:
1. Install a fresh Rawhide system
2. dnf install -y hamcrest
Actual results:
Hamcrest can't be installed.
Expected results:
Hamcrest should be installable, either directly or as part of the ant module.
The dependencies shouldn't be broken.
--
You are receiving this mail because:
You are on the CC list for the bug.
4 years, 11 months
[Bug 1675352] New: maven: FTBFS in Fedora rawhide/f30
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1675352
Bug ID: 1675352
Summary: maven: FTBFS in Fedora rawhide/f30
Product: Fedora
Version: rawhide
Status: NEW
Component: maven
Assignee: extras-orphan(a)fedoraproject.org
Reporter: releng(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: akurtako(a)redhat.com, extras-orphan(a)fedoraproject.org,
jamielinux(a)fedoraproject.org,
java-sig-commits(a)lists.fedoraproject.org,
mizdebsk(a)redhat.com, msrb(a)redhat.com,
sochotni(a)redhat.com
Blocks: 1674516
Target Milestone: ---
Classification: Fedora
maven failed to build from source in Fedora rawhide/f30
https://koji.fedoraproject.org/koji/taskinfo?taskID=32412982
For details on the mass rebuild see:
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
Please fix maven at your earliest convenience and set the bug's status to
ASSIGNED when you start fixing it. If the bug remains in NEW state for 8 weeks,
maven will be orphaned. Before branching of Fedora 31,
maven will be retired, if it still fails to build.
For more details on the FTBFS policy, please visit:
https://fedoraproject.org/wiki/Fails_to_build_from_source
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1674516
[Bug 1674516] (F30FTBFS) - Fedora 30 Mass Rebuild FTBFS Tracker
--
You are receiving this mail because:
You are on the CC list for the bug.
4 years, 11 months