June 2019 - java-sig-commits - Fedora Mailing-Lists

[Bug 1643043] CVE-2018-15756 springframework: DoS Attack via Range Requests

by bugzilla＠redhat.com

4 years, 10 months

1
0
0 / 0

[Bug 1340302] owasp-java-html-sanitizer-20190610.1 is available

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1340302 Upstream Release Monitoring <upstream-release-monitoring(a)fedoraproject.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|owasp-java-html-sanitizer-2 |owasp-java-html-sanitizer-2 |0190503.1 is available |0190610.1 is available --- Comment #14 from Upstream Release Monitoring <upstream-release-monitoring(a)fedoraproject.org> --- Latest upstream release: 20190610.1 Current version/release in rawhide: 20160422.1-1.fc25 URL: https://github.com/OWASP/java-html-sanitizer Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from anitya: https://release-monitoring.org/project/2579/ -- You are receiving this mail because: You are on the CC list for the bug.

4 years, 10 months

1
0
0 / 0

[Bug 1353380] jenkins-2.176.1 is available

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1353380 Upstream Release Monitoring <upstream-release-monitoring(a)fedoraproject.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|jenkins-2.164.3 is |jenkins-2.176.1 is |available |available --- Comment #31 from Upstream Release Monitoring <upstream-release-monitoring(a)fedoraproject.org> --- Latest upstream release: 2.176.1 Current version/release in rawhide: 1.651.3-10.fc30 URL: http://jenkins-ci.org/ Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from anitya: https://release-monitoring.org/project/5493/ -- You are receiving this mail because: You are on the CC list for the bug.

4 years, 10 months

1
0
0 / 0

[Bug 1640615] CVE-2018-3258 mysql-connector-java: Connector/J unspecified vulnerability (CPU October 2018)

by bugzilla＠redhat.com

4 years, 10 months

1
0
0 / 0

[Bug 1516064] gradle-5.4.1 is available

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1516064 Fabio Valentini <decathorpe(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|gradle-5.5.0-RC2 is |gradle-5.4.1 is available |available | -- You are receiving this mail because: You are on the CC list for the bug.

4 years, 11 months

1
0
0 / 0

[Bug 1516064] gradle-5.5.0-RC2 is available

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1516064 Upstream Release Monitoring <upstream-release-monitoring(a)fedoraproject.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|gradle-5.4.1 is available |gradle-5.5.0-RC2 is | |available --- Comment #36 from Upstream Release Monitoring <upstream-release-monitoring(a)fedoraproject.org> --- Latest upstream release: 5.5.0-RC2 Current version/release in rawhide: 4.4.1-3.fc31 URL: http://www.gradle.org/ Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from anitya: https://release-monitoring.org/project/6088/ -- You are receiving this mail because: You are on the CC list for the bug.

4 years, 11 months

1
0
0 / 0

[Bug 1591929] CVE-2018-11039 springframework: Cross Site Tracing (XST) if vulnerable to XSS

by bugzilla＠redhat.com

4 years, 11 months

1
0
0 / 0

[Bug 1591931] CVE-2018-11040 springframework: cross-domain requests via JSONP through AbstractJsonpResponseBodyAdvice

by bugzilla＠redhat.com

4 years, 11 months

1
0
0 / 0

[Bug 1591929] CVE-2018-11039 springframework: Cross Site Tracing (XST) if vulnerable to XSS

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1591929 --- Comment #11 from Joshua Padman <jpadman(a)redhat.com> --- This vulnerability is out of security support scope for the following products: * Red Hat JBoss Fuse 6 Please refer to https://access.redhat.com/support/policy/updates/jboss_notes for more details. -- You are receiving this mail because: You are on the CC list for the bug.

4 years, 11 months

1
0
0 / 0

[Bug 1591931] CVE-2018-11040 springframework: cross-domain requests via JSONP through AbstractJsonpResponseBodyAdvice

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1591931 --- Comment #10 from Joshua Padman <jpadman(a)redhat.com> --- This vulnerability is out of security support scope for the following products: * Red Hat JBoss Fuse 6 Please refer to https://access.redhat.com/support/policy/updates/jboss_notes for more details. -- You are receiving this mail because: You are on the CC list for the bug.

4 years, 11 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

java-sig-commits June 2019