May 2022 - Epel-packagers-sig - Fedora Mailing-Lists

[Bug 2087912] CVE-2022-1434 openssl: Incorrect MAC key used in the RC4-MD5 ciphersuite

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2087912 jajeon(a)redhat.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jajeon(a)redhat.com -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2087912

2 years

1
0
0 / 0

[Bug 2087913] CVE-2022-1473 openssl: OPENSSL_LH_flush() breaks reuse of memory

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2087913 --- Comment #2 from Todd Cullum <tcullum(a)redhat.com> --- Created openssl3 tracking bugs for this issue: Affects: epel-8 [bug 2089474] -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2087913

2 years

1
0
0 / 0

[Bug 2087913] CVE-2022-1473 openssl: OPENSSL_LH_flush() breaks reuse of memory

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2087913 Todd Cullum <tcullum(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Depends On| |2089474 Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=2089474 [Bug 2089474] CVE-2022-1473 openssl3: openssl: OPENSSL_LH_flush() breaks reuse of memory [epel-8] -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2087913

2 years

1
0
0 / 0

[Bug 2087911] CVE-2022-1343 openssl: Signer certificate verification returns inaccurate response when using OCSP_NOCHECKS

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2087911 --- Comment #2 from Todd Cullum <tcullum(a)redhat.com> --- Created openssl3 tracking bugs for this issue: Affects: epel-8 [bug 2089472] -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2087911

2 years

1
0
0 / 0

[Bug 2087911] CVE-2022-1343 openssl: Signer certificate verification returns inaccurate response when using OCSP_NOCHECKS

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2087911 Todd Cullum <tcullum(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Depends On| |2089472 Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=2089472 [Bug 2089472] CVE-2022-1343 openssl3: openssl: Signer certificate verification returns inaccurate response when using OCSP_NOCHECKS [epel-8] -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2087911

2 years

1
0
0 / 0

[Bug 2087912] CVE-2022-1434 openssl: Incorrect MAC key used in the RC4-MD5 ciphersuite

by bugzilla＠redhat.com

2 years

1
0
0 / 0

[Bug 2087913] CVE-2022-1473 openssl: OPENSSL_LH_flush() breaks reuse of memory

by bugzilla＠redhat.com

2 years

1
0
0 / 0

[Bug 2087911] CVE-2022-1343 openssl: Signer certificate verification returns inaccurate response when using OCSP_NOCHECKS

by bugzilla＠redhat.com

2 years

1
0
0 / 0

[Bug 2089367] New: [python-typing-extensions][epel]: please build python-typing-extensions in epel9

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2089367 Bug ID: 2089367 Summary: [python-typing-extensions][epel]: please build python-typing-extensions in epel9 Product: Fedora Version: rawhide Status: NEW Component: python-typing-extensions Assignee: hegjon(a)gmail.com Reporter: kkeithle(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: code(a)musicinmybrain.net, epel-packagers-sig(a)lists.fedoraproject.org, hegjon(a)gmail.com, mail(a)fabian-affolter.ch, michel(a)michel-slm.name Target Milestone: --- Classification: Fedora Description of problem: python-typing-extensions is a BR for python-twisted->python-tblib->->python-python-django->python-opentelemetry->python-xds-protos->grpc->libarrow, which in turn is a BR ceph quincy (17.2.x). While ceph itself will not (ever) be built in EPEL, there are Ceph developers who want to use CentOS Stream or RHEL with EPEL. Note: libarrow and all its dependencies, including python-typing-extenions, are already available from the CentOS Storage SIG. I'm told though that many Ceph devs prefer to use EPEL over the CentOS Storage SIG. Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info: It builds as is from the rawhide sources (https://koji.fedoraproject.org/koji/taskinfo?taskID=87406597) If you don't wish to build python-typing-extensions in EPEL yourself, please add the epel-packagers-sig group as collaborator for epel* branches, or (less preferable) add me (FAS: kkeithle) as a collaborator for epel* branches. Thanks -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2089367

2 years

1
1
0 / 0

[Bug 2062202] CVE-2022-0778 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2062202 Derrick Ornelas <dornelas(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Flags|needinfo?(dornelas(a)redhat.c | |om) | -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2062202

2 years

1
0
0 / 0

2024

2023

2022

2021

Epel-packagers-sig May 2022