[Bug 1933287] New: EPEL8 Request: perl-File-Touch
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1933287
Bug ID: 1933287
Summary: EPEL8 Request: perl-File-Touch
Product: Fedora EPEL
Version: epel8
Status: NEW
Component: perl-File-Touch
Assignee: andrea.veri(a)gmail.com
Reporter: jakub.jedelsky(a)gmail.com
QA Contact: extras-qa(a)fedoraproject.org
CC: andrea.veri(a)gmail.com,
perl-devel(a)lists.fedoraproject.org
Target Milestone: ---
Classification: Fedora
Hello, I would appreciate if you could build perl-POSIX-strptime for EPEL8.
Feel free to add me as co-maintainer (kubo).
--
You are receiving this mail because:
You are on the CC list for the bug.
10 months, 4 weeks
[Bug 2037408] New: CVE-2020-16154
perl-App-cpanminus:1.7044/perl-App-cpanminus: Bypass of verification of
signatures in CHECKSUMS files [fedora-all]
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2037408
Bug ID: 2037408
Summary: CVE-2020-16154
perl-App-cpanminus:1.7044/perl-App-cpanminus: Bypass
of verification of signatures in CHECKSUMS files
[fedora-all]
Product: Fedora
Version: 35
Status: NEW
Component: perl-App-cpanminus
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Assignee: jplesnik(a)redhat.com
Reporter: thoger(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: jplesnik(a)redhat.com, mmaslano(a)redhat.com,
mspacek(a)redhat.com, perl-devel(a)lists.fedoraproject.org
Target Milestone: ---
Classification: Fedora
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora. While only
one tracking bug has been filed, please correct all affected versions at
the same time. If you need to fix the versions independent of each other,
you may clone this bug as appropriate.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2037408
11 months, 1 week
[Bug 2035342] New: CVE-2020-16154 perl-App-cpanminus: signature
verification bypass [fedora-all]
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2035342
Bug ID: 2035342
Summary: CVE-2020-16154 perl-App-cpanminus: signature
verification bypass [fedora-all]
Product: Fedora
Version: 35
Status: NEW
Component: perl-App-cpanminus
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Assignee: jplesnik(a)redhat.com
Reporter: mrehak(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: jplesnik(a)redhat.com, mmaslano(a)redhat.com,
mspacek(a)redhat.com, perl-devel(a)lists.fedoraproject.org
Target Milestone: ---
Classification: Fedora
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora. While only
one tracking bug has been filed, please correct all affected versions at
the same time. If you need to fix the versions independent of each other,
you may clone this bug as appropriate.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2035342
11 months, 1 week
[Bug 1765510] New: Request to update perl-Protocol-WebSocket to 0.26
for EPEL 7
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1765510
Bug ID: 1765510
Summary: Request to update perl-Protocol-WebSocket to 0.26 for
EPEL 7
Product: Fedora EPEL
Version: epel7
Status: NEW
Component: perl-Protocol-WebSocket
Assignee: ddick(a)cpan.org
Reporter: kretschmer.jens(a)siemens.com
QA Contact: extras-qa(a)fedoraproject.org
CC: ddick(a)cpan.org, perl-devel(a)lists.fedoraproject.org
Target Milestone: ---
Classification: Fedora
Please update perl-Protocol-WebSocket to the latest upstream version 0.26. The
current version in EPEL 7 is 0.18
--
You are receiving this mail because:
You are on the CC list for the bug.
11 months, 1 week
[Bug 1803973] New: CGI::Session is missing in epel8
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1803973
Bug ID: 1803973
Summary: CGI::Session is missing in epel8
Product: Fedora EPEL
Version: epel8
Status: NEW
Component: perl-CGI-Session
Assignee: andreas(a)bawue.net
Reporter: netwiz(a)crc.id.au
QA Contact: extras-qa(a)fedoraproject.org
CC: andreas(a)bawue.net, perl-devel(a)lists.fedoraproject.org
Target Milestone: ---
Classification: Fedora
The perl-CGI-Session package is not available for EPEL8.
Please import & build for EPEL8.
--
You are receiving this mail because:
You are on the CC list for the bug.
11 months, 1 week
[Bug 1716324] New: perl-Text-Xslate-3.5.6-5.fc30 is not linked to
libperl.so
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1716324
Bug ID: 1716324
Summary: perl-Text-Xslate-3.5.6-5.fc30 is not linked to
libperl.so
Product: Fedora
Version: 30
Status: NEW
Component: perl-Text-Xslate
Assignee: jplesnik(a)redhat.com
Reporter: ppisar(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: i(a)cicku.me, jplesnik(a)redhat.com,
perl-devel(a)lists.fedoraproject.org
Target Milestone: ---
Classification: Fedora
perl-Text-Xslate-3.5.6-5.fc30 lost a dependency on libperl.so since
-Wl,--as-needed was added to distribution-wide linker flags:
$ scanelf -n blib/arch/auto/Text/Xslate/Xslate.so
TYPE NEEDED FILE
ET_DYN libc.so.6 blib/arch/auto/Text/Xslate/Xslate.so
$ ldd -r blib/arch/auto/Text/Xslate/Xslate.so
linux-vdso.so.1 (0x00007fff0d5cb000)
libc.so.6 => /lib64/libc.so.6 (0x00007f948b9a1000)
/lib64/ld-linux-x86-64.so.2 (0x00007f948bb8f000)
undefined symbol: Perl_sv_cmp (blib/arch/auto/Text/Xslate/Xslate.so)
undefined symbol: PL_ppaddr (blib/arch/auto/Text/Xslate/Xslate.so)
[...]
Xslate.so is built like this:
gcc -lpthread -shared -Wl,-z,relro -Wl,--as-needed -Wl,-z,now
-specs=/usr/lib/rpm/redhat/redhat-hardened-ld -L/usr/local/lib
-fstack-protector-strong -lperl -o blib/arch/auto/Text/Xslate/Xslate.so
lib/Text/Xslate.o src/xslate_methods.o
The cause is that -Wl,--as-needed takes effect when library is supplied and
considering only preceding object files and ignoring and following object
files. A correct linker command must list all object files before -l flags.
Like this:
gcc lib/Text/Xslate.o src/xslate_methods.o -lpthread -shared -Wl,-z,relro
-Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld
-L/usr/local/lib -fstack-protector-strong -lperl -o
blib/arch/auto/Text/Xslate/Xslate.so
Either there is bug in perl-Text-Xslate build script or in
Module::Build::XSUtil that it uses.
--
You are receiving this mail because:
You are on the CC list for the bug.
11 months, 4 weeks
[Bug 2083148] New: CVE-2018-25033 slic3r: admesh:
heap-buffer-overflow in stl_update_connects_remove_1() of src/connect.c
[fedora-all]
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2083148
Bug ID: 2083148
Summary: CVE-2018-25033 slic3r: admesh: heap-buffer-overflow in
stl_update_connects_remove_1() of src/connect.c
[fedora-all]
Product: Fedora
Version: 35
Status: NEW
Component: slic3r
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Assignee: mhroncok(a)redhat.com
Reporter: trathi(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: mhroncok(a)redhat.com,
perl-devel(a)lists.fedoraproject.org
Target Milestone: ---
Classification: Fedora
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora. While only
one tracking bug has been filed, please correct all affected versions at
the same time. If you need to fix the versions independent of each other,
you may clone this bug as appropriate.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2083148
1 year, 3 months