[Bug 2190215] New: Make Tomcat 10 available through EPEL
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2190215
Bug ID: 2190215
Summary: Make Tomcat 10 available through EPEL
Product: Fedora EPEL
Version: epel9
Status: NEW
Component: tomcat
Assignee: csutherl(a)redhat.com
Reporter: csutherl(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: alee(a)redhat.com, csutherl(a)redhat.com,
gzaronikas(a)gmail.com, huwang(a)redhat.com,
ivan.afonichev(a)gmail.com,
java-sig-commits(a)lists.fedoraproject.org
Target Milestone: ---
Classification: Fedora
We've had a few users requesting Tomcat 10 be added to EPEL. I've created this
bugzilla to track those requests and to have a place to share status updates.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2190215
1 week, 1 day
[Bug 2064698] New: CVE-2020-36518 jackson-databind: denial of service via a large depth of nested objects
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2064698
Bug ID: 2064698
Summary: CVE-2020-36518 jackson-databind: denial of service via
a large depth of nested objects
Product: Security Response
Hardware: All
OS: Linux
Status: NEW
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: mrehak(a)redhat.com
CC: aboyko(a)redhat.com, aileenc(a)redhat.com,
alazarot(a)redhat.com, anstephe(a)redhat.com,
asoldano(a)redhat.com, ataylor(a)redhat.com,
bbaranow(a)redhat.com, bibryam(a)redhat.com,
bmaxwell(a)redhat.com, bmontgom(a)redhat.com,
boliveir(a)redhat.com, brian.stansberry(a)redhat.com,
cdewolf(a)redhat.com, cdorney(a)redhat.com,
cfu(a)redhat.com, chazlett(a)redhat.com,
ckelley(a)redhat.com, darran.lofthouse(a)redhat.com,
dkreling(a)redhat.com, dosoudil(a)redhat.com,
drieden(a)redhat.com, edewata(a)redhat.com,
emingora(a)redhat.com, eparis(a)redhat.com,
eric.wittmann(a)redhat.com, etirelli(a)redhat.com,
fjuma(a)redhat.com, ggaughan(a)redhat.com,
gmalinko(a)redhat.com, hbraun(a)redhat.com,
ibek(a)redhat.com, iweiss(a)redhat.com,
janstey(a)redhat.com,
java-sig-commits(a)lists.fedoraproject.org,
jburrell(a)redhat.com, jmagne(a)redhat.com,
jochrist(a)redhat.com, jokerman(a)redhat.com,
jrokos(a)redhat.com, jross(a)redhat.com,
jstastny(a)redhat.com, jwon(a)redhat.com,
krathod(a)redhat.com, kverlaen(a)redhat.com,
lgao(a)redhat.com, mharmsen(a)redhat.com,
mnovotny(a)redhat.com, mosmerov(a)redhat.com,
msochure(a)redhat.com, msvehla(a)redhat.com,
nstielau(a)redhat.com, nwallace(a)redhat.com,
pantinor(a)redhat.com, pdelbell(a)redhat.com,
pdrozd(a)redhat.com, pjindal(a)redhat.com,
pmackay(a)redhat.com, puntogil(a)libero.it,
rguimara(a)redhat.com, rhcs-maint(a)redhat.com,
rrajasek(a)redhat.com, rstancel(a)redhat.com,
rsvoboda(a)redhat.com, smaestri(a)redhat.com,
sponnaga(a)redhat.com, sthorger(a)redhat.com,
swoodman(a)redhat.com, tom.jenkinson(a)redhat.com,
tzimanyi(a)redhat.com
Target Milestone: ---
Classification: Other
A Java StackOverflow exception and denial of service via a large depth of
nested objects.
Reference:
https://github.com/FasterXML/jackson-databind/issues/2816
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2064698
1 week, 2 days
[Bug 2133076] New: CVE-2022-41420 nasm: stack-based buffer overflow in the ndisasm component [fedora-all]
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2133076
Bug ID: 2133076
Summary: CVE-2022-41420 nasm: stack-based buffer overflow in
the ndisasm component [fedora-all]
Product: Fedora
Version: 36
Status: NEW
Component: nasm
Keywords: Security, SecurityTracking
Severity: low
Priority: low
Assignee: dominik(a)greysector.net
Reporter: gsuckevi(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: dominik(a)greysector.net,
java-sig-commits(a)lists.fedoraproject.org,
mizdebsk(a)redhat.com, pbonzini(a)redhat.com
Target Milestone: ---
Classification: Fedora
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora. While only
one tracking bug has been filed, please correct all affected versions at
the same time. If you need to fix the versions independent of each other,
you may clone this bug as appropriate.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2133076
1 week, 3 days
[Bug 2123083] New: CVE-2021-33452 nasm: memory leak in nasm_malloc() in nasmlib/alloc.c [fedora-all]
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2123083
Bug ID: 2123083
Summary: CVE-2021-33452 nasm: memory leak in nasm_malloc() in
nasmlib/alloc.c [fedora-all]
Product: Fedora
Version: 36
Status: NEW
Component: nasm
Keywords: Security, SecurityTracking
Severity: low
Priority: low
Assignee: dominik(a)greysector.net
Reporter: gsuckevi(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: dominik(a)greysector.net,
java-sig-commits(a)lists.fedoraproject.org,
mizdebsk(a)redhat.com, pbonzini(a)redhat.com
Target Milestone: ---
Classification: Fedora
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora. While only
one tracking bug has been filed, please correct all affected versions at
the same time. If you need to fix the versions independent of each other,
you may clone this bug as appropriate.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2123083
1 week, 3 days