June 2019 - java-sig-commits - Fedora Mailing-Lists

[Bug 1615673] CVE-2018-10934 wildfly-core: Cross-site scripting (XSS) in JBoss Management Console

by bugzilla＠redhat.com

4 years, 10 months

1
0
0 / 0

[Bug 1695098] New: checkstyle: FTBFS in Fedora rawhide

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1695098 Bug ID: 1695098 Summary: checkstyle: FTBFS in Fedora rawhide Product: Fedora Version: rawhide URL: http://apps.fedoraproject.org/koschei/package/checksty le Status: NEW Component: checkstyle Assignee: decathorpe(a)gmail.com Reporter: mizdebsk(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: dbhole(a)redhat.com, decathorpe(a)gmail.com, edewata(a)redhat.com, greg.hellings(a)gmail.com, java-sig-commits(a)lists.fedoraproject.org, mizdebsk(a)redhat.com, nsantos(a)redhat.com, rob.myers(a)gtri.gatech.edu, stewardship-sig(a)lists.fedoraproject.org Blocks: 1694858 Target Milestone: --- Classification: Fedora Description of problem: Package checkstyle fails to build from source in Fedora rawhide. Version-Release number of selected component (if applicable): 8.0-6.fc30 Steps to Reproduce: koji build --scratch f31 checkstyle-8.0-6.fc30.src.rpm Additional info: This package is tracked by Koschei. See: http://apps.fedoraproject.org/koschei/package/checkstyle Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1694858 [Bug 1694858] CVE-2019-9658 checkstyle: Loads external DTDs by default [fedora-all] -- You are receiving this mail because: You are on the CC list for the bug.

4 years, 10 months

1
2
0 / 0

[Bug 1474795] checkstyle-8.22 is available

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1474795 Upstream Release Monitoring <upstream-release-monitoring(a)fedoraproject.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|checkstyle-8.21 is |checkstyle-8.22 is |available |available --- Comment #18 from Upstream Release Monitoring <upstream-release-monitoring(a)fedoraproject.org> --- Latest upstream release: 8.22 Current version/release in rawhide: 8.0-7.fc31 URL: http://sourceforge.net/projects/checkstyle Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from anitya: https://release-monitoring.org/project/275/ -- You are receiving this mail because: You are on the CC list for the bug.

4 years, 10 months

1
0
0 / 0

[Bug 1346528] jenkins-remoting-3.33 is available

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1346528 Upstream Release Monitoring <upstream-release-monitoring(a)fedoraproject.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|jenkins-remoting-3.31 is |jenkins-remoting-3.33 is |available |available --- Comment #30 from Upstream Release Monitoring <upstream-release-monitoring(a)fedoraproject.org> --- Latest upstream release: 3.33 Current version/release in rawhide: 2.62.3-1.fc26 URL: https://github.com/jenkinsci/remoting Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from anitya: https://release-monitoring.org/project/1444/ -- You are receiving this mail because: You are on the CC list for the bug.

4 years, 10 months

1
0
0 / 0

[Bug 1380918] js-CodeMirror-5.48.0 is available

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1380918 Upstream Release Monitoring <upstream-release-monitoring(a)fedoraproject.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|js-CodeMirror-5.47.0 is |js-CodeMirror-5.48.0 is |available |available --- Comment #32 from Upstream Release Monitoring <upstream-release-monitoring(a)fedoraproject.org> --- Latest upstream release: 5.48.0 Current version/release in rawhide: 2.38-7.fc30 URL: https://github.com/codemirror/CodeMirror/ Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from anitya: https://release-monitoring.org/project/12070/ -- You are receiving this mail because: You are on the CC list for the bug.

4 years, 10 months

1
0
0 / 0

[Bug 1443635] CVE-2017-5645 log4j: Socket receiver deserialization vulnerability

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1443635 errata-xmlrpc <errata-xmlrpc(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- External Bug ID| |Red Hat Product Errata | |RHSA-2019:1545 -- You are receiving this mail because: You are on the CC list for the bug.

4 years, 10 months

1
0
0 / 0

[Bug 1640615] CVE-2018-3258 mysql-connector-java: Connector/J unspecified vulnerability (CPU October 2018)

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1640615 errata-xmlrpc <errata-xmlrpc(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- External Bug ID| |Red Hat Product Errata | |RHSA-2019:1545 -- You are receiving this mail because: You are on the CC list for the bug.

4 years, 10 months

1
0
0 / 0

[Bug 1640615] CVE-2018-3258 mysql-connector-java: Connector/J unspecified vulnerability (CPU October 2018)

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1640615 --- Comment #13 from errata-xmlrpc <errata-xmlrpc(a)redhat.com> --- This issue has been addressed in the following products: Red Hat Fuse 7.3.1 Via RHSA-2019:1545 https://access.redhat.com/errata/RHSA-2019:1545 -- You are receiving this mail because: You are on the CC list for the bug.

4 years, 10 months

1
0
0 / 0

[Bug 1572463] CVE-2017-15691 uima: XML external entity expansion (XXE) can allow attackers to execute arbitrary code

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1572463 errata-xmlrpc <errata-xmlrpc(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- External Bug ID| |Red Hat Product Errata | |RHSA-2019:1545 -- You are receiving this mail because: You are on the CC list for the bug.

4 years, 10 months

1
0
0 / 0

[Bug 1443635] CVE-2017-5645 log4j: Socket receiver deserialization vulnerability

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1443635 --- Comment #47 from errata-xmlrpc <errata-xmlrpc(a)redhat.com> --- This issue has been addressed in the following products: Red Hat Fuse 7.3.1 Via RHSA-2019:1545 https://access.redhat.com/errata/RHSA-2019:1545 -- You are receiving this mail because: You are on the CC list for the bug.

4 years, 10 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

java-sig-commits June 2019