January 2020 - java-sig-commits - Fedora Mailing-Lists

[Bug 1516987] CVE-2017-5532 jasperreports: XSS leading to privilege escalation

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1516987 Bug 1516987 depends on bug 1516989, which changed state. Bug 1516989 Summary: CVE-2017-5532 CVE-2017-5533 jasperreports: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1516989 What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |WONTFIX -- You are receiving this mail because: You are on the CC list for the bug.

4 years, 3 months

1
0
0 / 0

[Bug 1516989] CVE-2017-5532 CVE-2017-5533 jasperreports: various flaws [fedora-all]

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1516989 Robbie Harwood <rharwood(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED CC| |rharwood(a)redhat.com Resolution|--- |WONTFIX Last Closed| |2020-01-24 20:50:42 --- Comment #3 from Robbie Harwood <rharwood(a)redhat.com> --- Package is orphaned. -- You are receiving this mail because: You are on the CC list for the bug.

4 years, 3 months

1
0
0 / 0

[Bug 1510968] CVE-2017-8028 spring-ldap: Authentication with userSearch and STARTTLS allows authentication with arbitrary password

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1510968 Bug 1510968 depends on bug 1510970, which changed state. Bug 1510970 Summary: CVE-2017-8028 spring-ldap: Authentication with userSearch and STARTTLS allows authentication with arbitrary password [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1510970 What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |WONTFIX -- You are receiving this mail because: You are on the CC list for the bug.

4 years, 3 months

1
0
0 / 0

[Bug 1510970] CVE-2017-8028 spring-ldap: Authentication with userSearch and STARTTLS allows authentication with arbitrary password [fedora-all]

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1510970 Robbie Harwood <rharwood(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED CC| |rharwood(a)redhat.com Resolution|--- |WONTFIX Last Closed|2018-05-29 17:10:35 |2020-01-24 20:50:21 --- Comment #5 from Robbie Harwood <rharwood(a)redhat.com> --- Package is orphaned. -- You are receiving this mail because: You are on the CC list for the bug.

4 years, 3 months

1
0
0 / 0

[Bug 1493502] CVE-2017-8045 springframework-amqp: Message.toString() deserializes java without a whitelist

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1493502 Bug 1493502 depends on bug 1493503, which changed state. Bug 1493503 Summary: CVE-2017-8045 springframework-amqp: Message.toString() deserializes java without a whitelist [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1493503 What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |WONTFIX -- You are receiving this mail because: You are on the CC list for the bug.

4 years, 3 months

1
0
0 / 0

[Bug 1493503] CVE-2017-8045 springframework-amqp: Message.toString() deserializes java without a whitelist [fedora-all]

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1493503 Robbie Harwood <rharwood(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED CC| |rharwood(a)redhat.com Resolution|--- |WONTFIX Last Closed|2018-05-29 17:11:16 |2020-01-24 20:49:59 --- Comment #5 from Robbie Harwood <rharwood(a)redhat.com> --- Package is orphaned. -- You are receiving this mail because: You are on the CC list for the bug.

4 years, 3 months

1
0
0 / 0

[Bug 1564408] CVE-2018-1272 spring-framework: Multipart content pollution

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1564408 Bug 1564408 depends on bug 1564409, which changed state. Bug 1564409 Summary: CVE-2018-1270 CVE-2018-1272 springframework: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1564409 What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |WONTFIX -- You are receiving this mail because: You are on the CC list for the bug.

4 years, 3 months

1
0
0 / 0

[Bug 1564405] CVE-2018-1270 spring-framework: Possible RCE via spring messaging

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1564405 Bug 1564405 depends on bug 1564409, which changed state. Bug 1564409 Summary: CVE-2018-1270 CVE-2018-1272 springframework: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1564409 What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |WONTFIX -- You are receiving this mail because: You are on the CC list for the bug.

4 years, 3 months

1
0
0 / 0

[Bug 1564409] CVE-2018-1270 CVE-2018-1272 springframework: various flaws [fedora-all]

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1564409 Robbie Harwood <rharwood(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED CC| |rharwood(a)redhat.com Resolution|--- |WONTFIX Last Closed| |2020-01-24 20:49:31 --- Comment #3 from Robbie Harwood <rharwood(a)redhat.com> --- Package has been orphaned. -- You are receiving this mail because: You are on the CC list for the bug.

4 years, 3 months

1
0
0 / 0

[Bug 1501529] CVE-2017-12629 Solr: Code execution via entity expansion

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1501529 Bug 1501529 depends on bug 1501840, which changed state. Bug 1501840 Summary: CVE-2017-12629 lucene3: Solr: Code execution via entity expansion [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1501840 What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |WONTFIX -- You are receiving this mail because: You are on the CC list for the bug.

4 years, 3 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

java-sig-commits January 2020