[Bug 1670025] New: bcel-6.3 is available
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1670025
Bug ID: 1670025
Summary: bcel-6.3 is available
Product: Fedora
Version: rawhide
Status: NEW
Component: bcel
Keywords: FutureFeature, Triaged
Assignee: mizdebsk(a)redhat.com
Reporter: upstream-release-monitoring(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: agrimm(a)gmail.com,
java-sig-commits(a)lists.fedoraproject.org,
mizdebsk(a)redhat.com, richardfearn(a)gmail.com
Target Milestone: ---
Classification: Fedora
Latest upstream release: 6.3
Current version/release in rawhide: 6.2-3.fc29
URL: http://www.apache.org/dist/commons/bcel/source/
Please consult the package updates policy before you issue an update to a
stable branch: https://fedoraproject.org/wiki/Updates_Policy
More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring
Please keep in mind that with any upstream change, there may also be packaging
changes that need to be made. Specifically, please remember that it is your
responsibility to review the new version to ensure that the licensing is still
correct and that no non-free or legally problematic items have been added
upstream.
Based on the information from anitya:
https://release-monitoring.org/project/171/
--
You are receiving this mail because:
You are on the CC list for the bug.
5 years
[Bug 1550671] CVE-2018-1067 undertow: HTTP header injection using CRLF with UTF-8 Encoding (incomplete fix of CVE-2016-4993)
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1550671
Chess Hazlett <chazlett(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Whiteboard|impact=moderate,public=2018 |impact=moderate,public=2018
|0425:1751,reported=20180301 |0425:1751,reported=20180301
|,source=researcher,cvss2=5. |,source=researcher,cvss2=5.
|8/AV:N/AC:M/Au:N/C:P/I:P/A: |8/AV:N/AC:M/Au:N/C:P/I:P/A:
|N,cvss3=5.4/CVSS:3.0/AV:N/A |N,cvss3=5.4/CVSS:3.0/AV:N/A
|C:L/PR:N/UI:R/S:U/C:L/I:L/A |C:L/PR:N/UI:R/S:U/C:L/I:L/A
|:N,cwe=CWE-113,fedora-all/w |:N,cwe=CWE-113,fedora-all/w
|ildfly=affected,eap-6/jboss |ildfly=affected,eap-6/jboss
|web=notaffected,eap-7/under |web=notaffected,eap-7/under
|tow=affected,openshift-1/jb |tow=affected,openshift-1/jb
|ossweb=affected,rhel-6/tomc |ossweb=affected,rhel-6/tomc
|at6=notaffected,rhel-7/tomc |at6=notaffected,rhel-7/tomc
|at=notaffected,jbews-2/tomc |at=notaffected,jbews-2/tomc
|at7=notaffected,jbews-2/tom |at7=notaffected,jbews-2/tom
|cat6=notaffected,eap-7/wild |cat6=notaffected,eap-7/wild
|fly=new,jdg-7/wildfly=new,r |fly=new,jdg-7/wildfly=new,r
|hev-m-4/eap7-wildfly=notaff |hev-m-4/eap7-wildfly=notaff
|ected,rhsso-7/wildfly=new,j |ected,rhsso-7/wildfly=new,j
|dg-6/jbossweb=new,eap-5/jbo |dg-6/jbossweb=notaffected,e
|ssweb=new,brms-5/jbossweb=w |ap-5/jbossweb=new,brms-5/jb
|ontfix,soap-5/jbossweb=wont |ossweb=wontfix,soap-5/jboss
|fix,fsw-6/jbossweb=wontfix, |web=wontfix,fsw-6/jbossweb=
|fuse-6/jbossweb=wontfix,fed |wontfix,fuse-6/jbossweb=won
|ora-all/tomcat=affected,epe |tfix,fedora-all/tomcat=affe
|l-6/tomcat=notaffected,rhel |cted,epel-6/tomcat=notaffec
|-5/tomcat5=notaffected,rhel |ted,rhel-5/tomcat5=notaffec
|-8/pki-servlet-container=no |ted,rhel-8/pki-servlet-cont
|taffected,rhscl-3/rh-java-c |ainer=notaffected,rhscl-3/r
|ommon-tomcat=notaffected,sw |h-java-common-tomcat=notaff
|arm-7/undertow=affected,fed |ected,swarm-7/undertow=affe
|ora-all/undertow=affected,r |cted,fedora-all/undertow=af
|hev-m-4/eap7-undertow=affec |fected,rhev-m-4/eap7-undert
|ted |ow=affected
--
You are receiving this mail because:
You are on the CC list for the bug.
5 years
[Bug 1629083] CVE-2018-11775 activemq: ActiveMQ Client Missing TLS Hostname Verification
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1629083
Chess Hazlett <chazlett(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Whiteboard|impact=moderate,public=2018 |impact=moderate,public=2018
|0910,reported=20180914,sour |0910,reported=20180914,sour
|ce=cve,cvss3=6.8/CVSS:3.0/A |ce=cve,cvss3=6.8/CVSS:3.0/A
|V:N/AC:H/PR:N/UI:R/S:U/C:H/ |V:N/AC:H/PR:N/UI:R/S:U/C:H/
|I:H/A:N,fedora-all/activemq |I:H/A:N,fedora-all/activemq
|=affected,jbds-11/activemq= |=affected,jbds-11/activemq=
|new,amq-6/activemq=new,jdg- |new,amq-6/activemq=affected
|7/activemq-artemis=notaffec |,jdg-7/activemq-artemis=not
|ted,eap-7/activemq-artemis= |affected,eap-7/activemq-art
|notaffected,fsw-6/activemq= |emis=notaffected,fsw-6/acti
|new,fuse-6/activemq=new,fus |vemq=new,fuse-6/activemq=af
|e-7/activemq=new,rhdm-7/act |fected,fuse-7/activemq=nota
|ivemq-artemis=new,rhpam-7/a |ffected,rhdm-7/activemq-art
|ctivemq-artemis=notaffected |emis=new,rhpam-7/activemq-a
|,rhsso-7/activemq-artemis=n |rtemis=notaffected,rhsso-7/
|otaffected,rhev-m-4/eap7-ac |activemq-artemis=notaffecte
|tivemq-artemis=notaffected |d,rhev-m-4/eap7-activemq-ar
| |temis=notaffected
--
You are receiving this mail because:
You are on the CC list for the bug.
5 years
[Bug 1581542] CVE-2018-8012 zookeeper: No authentication or authorization is enforced when a server joins a quorum
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1581542
Chess Hazlett <chazlett(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Whiteboard|impact=important,public=201 |impact=important,public=201
|80522,reported=20180523,sou |80522,reported=20180523,sou
|rce=oss-security,cvss3=7.4/ |rce=oss-security,cvss3=7.4/
|CVSS:3.0/AV:N/AC:H/PR:N/UI: |CVSS:3.0/AV:N/AC:H/PR:N/UI:
|N/S:U/C:H/I:H/A:N,cwe=(CWE- |N/S:U/C:H/I:H/A:N,cwe=(CWE-
|306|CWE-862),fedora-all/zoo |306|CWE-862),fedora-all/zoo
|keeper=affected,amq-6/zooke |keeper=affected,amq-6/zooke
|eper=wontfix,jdv-6/zookeepe |eper=wontfix,jdv-6/zookeepe
|r=new,amq-st/zookeeper=nota |r=notaffected,amq-st/zookee
|ffected,bpms-6/zookeeper=no |per=notaffected,bpms-6/zook
|taffected,brms-6/zookeeper= |eeper=notaffected,brms-6/zo
|notaffected,fsw-6/zookeeper |okeeper=notaffected,fsw-6/z
|=notaffected,fuse-6/zookeep |ookeeper=notaffected,fuse-6
|er=wontfix,fuse-7/zookeeper |/zookeeper=wontfix,fuse-7/z
|=notaffected,fis-2/zookeepe |ookeeper=notaffected,fis-2/
|r=notaffected,vertx-3/zooke |zookeeper=notaffected,vertx
|eper=notaffected,rhel-8/zoo |-3/zookeeper=notaffected,rh
|keeper=affected |el-8/zookeeper=affected
--
You are receiving this mail because:
You are on the CC list for the bug.
5 years
[Bug 1639090] CVE-2018-11796 tika: Incomplete fix allows for XML entity expansion resulting in denial of service
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1639090
Tomas Hoger <thoger(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Priority|high |medium
CC|abergmann(a)suse.com, |
|aileenc(a)redhat.com, |
|alazarot(a)redhat.com, |
|anstephe(a)redhat.com, |
|bkearney(a)redhat.com, |
|chazlett(a)redhat.com, |
|drieden(a)redhat.com, |
|etirelli(a)redhat.com, |
|ggainey(a)redhat.com, |
|gvarsami(a)redhat.com, |
|hhorak(a)redhat.com, |
|ibek(a)redhat.com, |
|java-sig-commits(a)lists.fedo |
|raproject.org, |
|jcoleman(a)redhat.com, |
|jolee(a)redhat.com, |
|jorton(a)redhat.com, |
|jschatte(a)redhat.com, |
|jstastny(a)redhat.com, |
|kconner(a)redhat.com, |
|krathod(a)redhat.com, |
|kverlaen(a)redhat.com, |
|ldimaggi(a)redhat.com, |
|lef(a)fedoraproject.org, |
|lpetrovi(a)redhat.com, |
|mat.booth(a)redhat.com, |
|meissner(a)suse.de, |
|nwallace(a)redhat.com, |
|paradhya(a)redhat.com, |
|pszubiak(a)redhat.com, |
|puntogil(a)libero.it, |
|rrajasek(a)redhat.com, |
|rsynek(a)redhat.com, |
|rwagner(a)redhat.com, |
|rzhang(a)redhat.com, |
|sdaley(a)redhat.com, |
|tcunning(a)redhat.com, |
|tkirby(a)redhat.com, |
|tlestach(a)redhat.com, |
|vhalbert(a)redhat.com |
Whiteboard|impact=important,public=201 |impact=moderate,public=2018
|81010,reported=20181010,sou |1010,reported=20181010,sour
|rce=oss-security,cvss3=7.5/ |ce=oss-security,cvss3=7.5/C
|CVSS:3.0/AV:N/AC:L/PR:N/UI: |VSS:3.0/AV:N/AC:L/PR:N/UI:N
|N/S:U/C:N/I:N/A:H,cwe=CWE-7 |/S:U/C:N/I:N/A:H,cwe=CWE-77
|76,fedora-all/tika=affected |6,fedora-all/tika=affected,
|,rhscl-3/rh-eclipse46-tika= |rhscl-3/rh-eclipse46-tika=a
|affected,fuse-7/camel-tika= |ffected,fuse-7/camel-tika=n
|new,fsw-6/tika-core=new,brm |ew,fsw-6/tika-core=new,brms
|s-5/tika-core=new,brms-6/ti |-5/tika-core=new,brms-6/tik
|ka-core=new,bpms-6/tika-cor |a-core=new,bpms-6/tika-core
|e=new,jdv-6/tika-core=new,r |=new,jdv-6/tika-core=new,rh
|hn_satellite_5/tika=wontfix |n_satellite_5/tika=wontfix/
|/impact=low |impact=low
Severity|high |medium
--
You are receiving this mail because:
You are on the CC list for the bug.
5 years
[Bug 1516064] gradle-5.3.1 is available
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1516064
Upstream Release Monitoring <upstream-release-monitoring(a)fedoraproject.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Summary|gradle-5.3.0 is available |gradle-5.3.1 is available
--- Comment #29 from Upstream Release Monitoring <upstream-release-monitoring(a)fedoraproject.org> ---
Latest upstream release: 5.3.1
Current version/release in rawhide: 4.4.1-1.fc30
URL: http://www.gradle.org/
Please consult the package updates policy before you issue an update to a
stable branch: https://fedoraproject.org/wiki/Updates_Policy
More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring
Please keep in mind that with any upstream change, there may also be packaging
changes that need to be made. Specifically, please remember that it is your
responsibility to review the new version to ensure that the licensing is still
correct and that no non-free or legally problematic items have been added
upstream.
Based on the information from anitya:
https://release-monitoring.org/project/6088/
--
You are receiving this mail because:
You are on the CC list for the bug.
5 years, 1 month
[Bug 1607580] CVE-2018-8034 tomcat: host name verification missing in WebSocket client
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1607580
Tomas Hoger <thoger(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Whiteboard|impact=low,public=20180722, |impact=low,public=20180722,
|reported=20180722,source=in |reported=20180722,source=in
|ternet,cvss3=4.3/CVSS:3.0/A |ternet,cvss3=4.3/CVSS:3.0/A
|V:N/AC:L/PR:N/UI:R/S:U/C:N/ |V:N/AC:L/PR:N/UI:R/S:U/C:N/
|I:L/A:N,cwe=CWE-20,fedora-a |I:L/A:N,cwe=CWE-20,fedora-a
|ll/tomcat=affected,rhscl-3/ |ll/tomcat=affected,rhscl-3/
|rh-java-common-tomcat=notaf |rh-java-common-tomcat=notaf
|fected,bpms-6/tomcat=notaff |fected,bpms-6/tomcat=notaff
|ected,epel-all/tomcat=affec |ected,epel-all/tomcat=affec
|ted,brms-6/tomcat=notaffect |ted,brms-6/tomcat=notaffect
|ed,brms-5/jbossweb=notaffec |ed,brms-5/jbossweb=notaffec
|ted,eap-5/jbossweb=notaffec |ted,eap-5/jbossweb=notaffec
|ted,eap-6/jbossweb=affected |ted,eap-6/jbossweb=affected
|,jdg-6/jbossweb=notaffected |,jdg-6/jbossweb=notaffected
|,jdg-7/tomcat=notaffected,j |,jdg-7/tomcat=notaffected,j
|dv-6/jbossweb=wontfix,fuse- |dv-6/jbossweb=wontfix,fuse-
|6/tomcat=wontfix,fuse-7/tom |6/tomcat=wontfix,fuse-7/tom
|cat=affected,soap-5/jbosswe |cat=affected,soap-5/jbosswe
|b=notaffected,fsw-6/jbosswe |b=notaffected,fsw-6/jbosswe
|b=wontfix,jbews-2/tomcat6=n |b=wontfix,jbews-2/tomcat6=n
|otaffected,springboot-1/tom |otaffected,springboot-1/tom
|cat=affected,jws-3/tomcat7= |cat=affected,jws-3/tomcat7=
|affected,jbews-2/tomcat7=wo |affected,jbews-2/tomcat7=wo
|ntfix,rhel-8/pki-servlet-co |ntfix,rhel-8/pki-deps:10.6/
|ntainer=affected,rhel-7/tom |pki-servlet-container=affec
|cat=affected,jws-3/tomcat8= |ted,rhel-7/tomcat=affected,
|affected,rhel-6/tomcat6=not |jws-3/tomcat8=affected,rhel
|affected,jon-3/jbossweb=won |-6/tomcat6=notaffected,jon-
|tfix,jws-5/tomcat=affected |3/jbossweb=wontfix,jws-5/to
| |mcat=affected
--
You are receiving this mail because:
You are on the CC list for the bug.
5 years, 1 month