[Bug 1912813] New: F34FailsToInstall: perl-XML-Xerces
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1912813
Bug ID: 1912813
Summary: F34FailsToInstall: perl-XML-Xerces
Product: Fedora
Version: rawhide
Status: NEW
Component: perl-XML-Xerces
Assignee: xavier(a)bachelot.org
Reporter: mhroncok(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: perl-devel(a)lists.fedoraproject.org,
xavier(a)bachelot.org
Blocks: 1868279 (F34FailsToInstall)
Target Milestone: ---
Classification: Fedora
Hello,
Please note that this comment was generated automatically. If you feel that
this output has mistakes, please contact me via email (mhroncok(a)redhat.com).
Your package (perl-XML-Xerces) Fails To Install in Fedora 34:
can't install perl-XML-Xerces:
- nothing provides libxerces-c.so.27()(64bit) needed by
perl-XML-Xerces-2.7.0_0-48.fc33.x86_64
If you know about this problem and are planning on fixing it, please
acknowledge so by setting the bug status to ASSIGNED. If you don't have time to
maintain this package, consider orphaning it, so maintainers of dependent
packages realize the problem.
If you don't react accordingly to the policy for FTBFS/FTI bugs
(https://docs.fedoraproject.org/en-US/fesco/Fails_to_build_from_source_Fai...),
your package may be orphaned in 8+ weeks.
P.S. The data was generated solely from koji buildroot, so it might be newer
than the latest compose or the content on mirrors.
P.P.S. If this bug has been reported in the middle of upgrading multiple
dependent packages, please consider using side tags:
https://docs.fedoraproject.org/en-US/rawhide-gating/multi-builds/
Thanks!
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1868279
[Bug 1868279] (F34FailsToInstall) - Fedora 34 Fails To install Tracker
--
You are receiving this mail because:
You are on the CC list for the bug.
2 years, 5 months
[Bug 1879741] New: CVE-2014-10402 perl-dbi: Incomplete fix for
CVE-2014-10401
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1879741
Bug ID: 1879741
Summary: CVE-2014-10402 perl-dbi: Incomplete fix for
CVE-2014-10401
Product: Security Response
Hardware: All
OS: Linux
Status: NEW
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: psampaio(a)redhat.com
CC: caillon+fedoraproject(a)gmail.com, hhorak(a)redhat.com,
john.j5live(a)gmail.com, jorton(a)redhat.com,
jplesnik(a)redhat.com, kasal(a)ucw.cz,
perl-devel(a)lists.fedoraproject.org,
perl-maint-list(a)redhat.com, ppisar(a)redhat.com,
rhughes(a)redhat.com, rstrode(a)redhat.com,
sandmann(a)redhat.com
Target Milestone: ---
Classification: Other
An issue was discovered in the DBI module through 1.643 for Perl. DBD::File
drivers can open files from folders other than those specifically passed via
the f_dir attribute in the data source name (DSN). NOTE: this issue exists
because of an incomplete fix for CVE-2014-10401.
Upstream bug:
https://rt.cpan.org/Public/Bug/Display.html?id=99508#txn-1911590
--
You are receiving this mail because:
You are on the CC list for the bug.
2 years, 6 months
[Bug 1877447] New: perl-dbi: Stack corruption on callbacks
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1877447
Bug ID: 1877447
Summary: perl-dbi: Stack corruption on callbacks
Product: Security Response
Hardware: All
OS: Linux
Status: NEW
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: psampaio(a)redhat.com
CC: caillon+fedoraproject(a)gmail.com, hhorak(a)redhat.com,
john.j5live(a)gmail.com, jorton(a)redhat.com,
jplesnik(a)redhat.com, kasal(a)ucw.cz,
perl-devel(a)lists.fedoraproject.org,
perl-maint-list(a)redhat.com, ppisar(a)redhat.com,
rhughes(a)redhat.com, rstrode(a)redhat.com,
sandmann(a)redhat.com
Target Milestone: ---
Classification: Other
A flaw was found in perl-dbi before version 1.628. A problem occurs when a
user-defined function requires a non-trivial amount of memory and the perl
stack gets reallocated.
References:
https://rt.cpan.org/Public/Bug/Display.html?id=85562
Upstream patch:
https://github.com/perl5-dbi/dbi/commit/401f1221311c71f760e21c98772f0f7e3...
--
You are receiving this mail because:
You are on the CC list for the bug.
2 years, 6 months
[Bug 1877444] New: perl-dbi: DBD::File drivers open files from
folders other than specifically passed
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1877444
Bug ID: 1877444
Summary: perl-dbi: DBD::File drivers open files from folders
other than specifically passed
Product: Security Response
Hardware: All
OS: Linux
Status: NEW
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: psampaio(a)redhat.com
CC: caillon+fedoraproject(a)gmail.com, hhorak(a)redhat.com,
john.j5live(a)gmail.com, jorton(a)redhat.com,
jplesnik(a)redhat.com, kasal(a)ucw.cz,
perl-devel(a)lists.fedoraproject.org,
perl-maint-list(a)redhat.com, ppisar(a)redhat.com,
rhughes(a)redhat.com, rstrode(a)redhat.com,
sandmann(a)redhat.com
Target Milestone: ---
Classification: Other
--
You are receiving this mail because:
You are on the CC list for the bug.
2 years, 6 months
[Bug 1877427] New: perl-dbi: Risk of memory corruption with many
arguments in DBI method dispatch
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1877427
Bug ID: 1877427
Summary: perl-dbi: Risk of memory corruption with many
arguments in DBI method dispatch
Product: Security Response
Hardware: All
OS: Linux
Status: NEW
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: psampaio(a)redhat.com
CC: caillon+fedoraproject(a)gmail.com, hhorak(a)redhat.com,
john.j5live(a)gmail.com, jorton(a)redhat.com,
jplesnik(a)redhat.com, kasal(a)ucw.cz,
perl-devel(a)lists.fedoraproject.org,
perl-maint-list(a)redhat.com, ppisar(a)redhat.com,
rhughes(a)redhat.com, rstrode(a)redhat.com,
sandmann(a)redhat.com
Target Milestone: ---
Classification: Other
A flaw was foundin perl-dbi before version 1.632. Using many arguments to
methods for Callbacks may lead to memory corruption.
Upstream patch:
https://github.com/perl5-dbi/dbi/commit/a8b98e988d6ea2946f5f56691d6d5ead5...
--
You are receiving this mail because:
You are on the CC list for the bug.
2 years, 6 months
[Bug 1877421] New: perl-dbi: Old API functions vulnerable to
overflow
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1877421
Bug ID: 1877421
Summary: perl-dbi: Old API functions vulnerable to overflow
Product: Security Response
Hardware: All
OS: Linux
Status: NEW
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: psampaio(a)redhat.com
CC: caillon+fedoraproject(a)gmail.com, hhorak(a)redhat.com,
john.j5live(a)gmail.com, jorton(a)redhat.com,
jplesnik(a)redhat.com, kasal(a)ucw.cz,
perl-devel(a)lists.fedoraproject.org,
perl-maint-list(a)redhat.com, ppisar(a)redhat.com,
rhughes(a)redhat.com, rstrode(a)redhat.com,
sandmann(a)redhat.com
Target Milestone: ---
Classification: Other
A flaw was found in perl-dbi before version 1.643. Old API functions might be
vulnerable to overflowing potentially causing memory corruption.
References:
https://github.com/perl5-dbi/dbi/commit/00e2ec459b55b72ee5703c1bd8e6cf57f...
--
You are receiving this mail because:
You are on the CC list for the bug.
2 years, 6 months
[Bug 1877409] New: perl-dbi: Buffer overlfow on an overlong DBD
class name
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1877409
Bug ID: 1877409
Summary: perl-dbi: Buffer overlfow on an overlong DBD class
name
Product: Security Response
Hardware: All
OS: Linux
Status: NEW
Component: vulnerability
Keywords: Security
Severity: low
Priority: low
Assignee: security-response-team(a)redhat.com
Reporter: psampaio(a)redhat.com
CC: caillon+fedoraproject(a)gmail.com, hhorak(a)redhat.com,
john.j5live(a)gmail.com, jorton(a)redhat.com,
jplesnik(a)redhat.com, kasal(a)ucw.cz,
perl-devel(a)lists.fedoraproject.org,
perl-maint-list(a)redhat.com, ppisar(a)redhat.com,
rhughes(a)redhat.com, rstrode(a)redhat.com,
sandmann(a)redhat.com
Target Milestone: ---
Classification: Other
A flaw was found in perl-dbi before version 1.643. A buffer overflow on via an
overlong DBD class name in dbih_setup_handle function may lead to data be
written past the intended limit.
Upstream patch:
https://github.com/perl5-dbi/dbi/commit/36f2a2c5fea36d7d47d6871e420286643...
--
You are receiving this mail because:
You are on the CC list for the bug.
2 years, 6 months
[Bug 1877405] New: perl-dbi: NULL profile dereference in
dbi_profile()
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1877405
Bug ID: 1877405
Summary: perl-dbi: NULL profile dereference in dbi_profile()
Product: Security Response
Hardware: All
OS: Linux
Status: NEW
Component: vulnerability
Keywords: Security
Severity: low
Priority: low
Assignee: security-response-team(a)redhat.com
Reporter: psampaio(a)redhat.com
CC: caillon+fedoraproject(a)gmail.com, hhorak(a)redhat.com,
john.j5live(a)gmail.com, jorton(a)redhat.com,
jplesnik(a)redhat.com, kasal(a)ucw.cz,
perl-devel(a)lists.fedoraproject.org,
perl-maint-list(a)redhat.com, ppisar(a)redhat.com,
rhughes(a)redhat.com, rstrode(a)redhat.com,
sandmann(a)redhat.com
Target Milestone: ---
Classification: Other
A flaw was found in perl-dbi. hv_fetch() documentation requires checking for
NULL and the code does that. But then calls SvOK(profile) uncoditionally two
lines later lead to a null profile dereference.
Upstream patch:
https://github.com/perl5-dbi/dbi/commit/eca7d7c8f43d96f6277e86d1000e842eb...
--
You are receiving this mail because:
You are on the CC list for the bug.
2 years, 6 months