October 2023 - Epel-packagers-sig - Fedora Mailing-Lists

[Bug 2097310] CVE-2022-2068 openssl: the c_rehash script allows command injection

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2097310 Eric Helms <ehelms(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Depends On| |2242355 -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2097310

8 months, 2 weeks

1
0
0 / 0

[Bug 2097310] CVE-2022-2068 openssl: the c_rehash script allows command injection

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2097310 Eric Helms <ehelms(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Depends On| |2242354 -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2097310

8 months, 2 weeks

1
0
0 / 0

[Bug 2097310] CVE-2022-2068 openssl: the c_rehash script allows command injection

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2097310 Eric Helms <ehelms(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Depends On| |2242350 -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2097310

8 months, 2 weeks

1
0
0 / 0

[Bug 2241338] New: ipython-8.16.0 is available

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2241338 Bug ID: 2241338 Summary: ipython-8.16.0 is available Product: Fedora Version: rawhide Status: NEW Component: ipython Keywords: FutureFeature, Triaged Assignee: lbalhar(a)redhat.com Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, lbalhar(a)redhat.com, mhroncok(a)redhat.com, michel(a)michel-slm.name, mrunge(a)redhat.com, orion(a)nwra.com, python-packagers-sig(a)lists.fedoraproject.org, tomspur(a)fedoraproject.org Target Milestone: --- Classification: Fedora Releases retrieved: 8.12.3, 8.16.0 Upstream release that is considered latest: 8.16.0 Current version/release in rawhide: 8.15.0-2.fc40 URL: https://ipython.org/ Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release... Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/1399/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/ipython -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2241338 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-...

8 months, 2 weeks

1
4
0 / 0

[Bug 2242180] New: CVE-2023-43665 python-django3: python-django: Denial-of-service possibility in django.utils.text.Truncator [epel-8]

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2242180 Bug ID: 2242180 Summary: CVE-2023-43665 python-django3: python-django: Denial-of-service possibility in django.utils.text.Truncator [epel-8] Product: Fedora EPEL Version: epel8 Status: NEW Component: python-django3 Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: michel(a)michel-slm.name Reporter: gsuckevi(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, michel(a)michel-slm.name Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: http://bugzilla.redhat.com/show_bug.cgi?id=2241046 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2242180 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-...

8 months, 3 weeks

1
2
0 / 0

[Bug 2237031] New: papirus-icon-theme-20230901 is available

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2237031 Bug ID: 2237031 Summary: papirus-icon-theme-20230901 is available Product: Fedora Version: rawhide Status: NEW Component: papirus-icon-theme Keywords: FutureFeature, Triaged Assignee: zebob.m(a)gmail.com Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, michel(a)michel-slm.name, zebob.m(a)gmail.com Target Milestone: --- Classification: Fedora Releases retrieved: 20230901 Upstream release that is considered latest: 20230901 Current version/release in rawhide: 20230801-1.fc40 URL: https://github.com/PapirusDevelopmentTeam/papirus-icon-theme/ Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release... Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/18645/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/papirus-icon-theme -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2237031 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-...

8 months, 3 weeks

1
17
0 / 0

[Bug 2240475] New: ELF module broken by pyelftools update

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2240475 Bug ID: 2240475 Summary: ELF module broken by pyelftools update Product: Fedora Version: 38 Hardware: All OS: Linux Status: NEW Component: python-pwntools Keywords: Regression, Upgrades Severity: high Assignee: redhat(a)flyn.org Reporter: alex(a)alexyzhang.dev QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, rebus(a)seznam.cz, redhat(a)flyn.org Target Milestone: --- Classification: Fedora The pyelftools 0.30 update removed the elftools.common.py3compat module, which the currently-packaged version of Pwntools uses. This causes a ModuleNotFoundError when attempting to import Pwntools. Updating to Pwntools 4.11.0 should fix this. Reproducible: Always Steps to Reproduce: Run `from pwn import *` in Python. Actual Results: Traceback (most recent call last): File "<stdin>", line 1, in <module> File "/usr/lib/python3.11/site-packages/pwn/__init__.py", line 4, in <module> from pwn.toplevel import * File "/usr/lib/python3.11/site-packages/pwn/toplevel.py", line 23, in <module> from pwnlib import * File "/usr/lib/python3.11/site-packages/pwnlib/dynelf.py", line 57, in <module> from pwnlib import elf File "/usr/lib/python3.11/site-packages/pwnlib/elf/__init__.py", line 9, in <module> from pwnlib.elf.corefile import Core File "/usr/lib/python3.11/site-packages/pwnlib/elf/corefile.py", line 79, in <module> from elftools.common.py3compat import bytes2str ModuleNotFoundError: No module named 'elftools.common.py3compat' Expected Results: The import statement executes without error. Fix: https://github.com/Gallopsled/pwntools/pull/2261 -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2240475 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-...

8 months, 3 weeks

1
6
0 / 0

[Bug 2174150] New: python-cle-9.2.40 is available

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2174150 Bug ID: 2174150 Summary: python-cle-9.2.40 is available Product: Fedora Version: rawhide Status: NEW Component: python-cle Keywords: FutureFeature, Triaged Assignee: redhat(a)flyn.org Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, mail(a)fabian-affolter.ch, redhat(a)flyn.org Target Milestone: --- Classification: Fedora Releases retrieved: 9.2.40 Upstream release that is considered latest: 9.2.40 Current version/release in rawhide: 9.2.39-1.fc39 URL: https://pypi.org/project/cle/8.19.10.29 Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release... Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/34904/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/python-cle -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2174150

8 months, 3 weeks

1
36
0 / 0

[Bug 2174137] New: python-pyvex-9.2.40 is available

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2174137 Bug ID: 2174137 Summary: python-pyvex-9.2.40 is available Product: Fedora Version: rawhide Status: NEW Component: python-pyvex Keywords: FutureFeature, Triaged Assignee: redhat(a)flyn.org Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, mail(a)fabian-affolter.ch, redhat(a)flyn.org Target Milestone: --- Classification: Fedora Releases retrieved: 9.2.40 Upstream release that is considered latest: 9.2.40 Current version/release in rawhide: 9.2.39-1.fc39 URL: https://pypi.org/project/pyvex Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release... Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/34911/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/python-pyvex -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2174137

8 months, 3 weeks

1
38
0 / 0

[Bug 2193021] New: [abrt] nemo: g_type_check_instance_is_fundamentally_a(): nemo-desktop killed by SIGSEGV

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2193021 Bug ID: 2193021 Summary: [abrt] nemo: g_type_check_instance_is_fundamentally_a(): nemo-desktop killed by SIGSEGV Product: Fedora Version: rawhide Hardware: x86_64 Status: NEW Whiteboard: abrt_hash:40484f82287c3ceb18507c67505aea3cd89dc9fa;VAR IANT_ID=cinnamon; Component: nemo Assignee: leigh123linux(a)googlemail.com Reporter: bradleyc.hackett(a)yahoo.com QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, leigh123linux(a)googlemail.com, riehecky(a)fnal.gov Target Milestone: --- Classification: Fedora Version-Release number of selected component: nemo-5.6.4-1.fc39 Additional info: reporter: libreport-2.17.9 type: CCpp reason: nemo-desktop killed by SIGSEGV journald_cursor: s=775cfc3ae8894860b677b4c9e90f15a3;i=12e90;b=856be612c3d640c3bb398e236ffe83d4;m=3e41f3e3;t=5fabc63796eef;x=5fbedb6a1812558a executable: /usr/bin/nemo-desktop cmdline: nemo-desktop cgroup: 0::/user.slice/user-1000.slice/session-2.scope rootdir: / uid: 1000 kernel: 6.4.0-0.rc0.20230428git33afd4b76393.7.fc39.x86_64 package: nemo-5.6.4-1.fc39 runlevel: N 5 backtrace_rating: 4 crash_function: g_type_check_instance_is_fundamentally_a Truncated backtrace: Thread no. 1 (11 frames) #0 g_type_check_instance_is_fundamentally_a at ../gobject/gtype.c:4166 #2 desktop_location_changed_callback at ../src/nemo-pathbar.c:223 #4 signal_emit_unlocked_R.isra.0 at ../gobject/gsignal.c:3812 #7 g_settings_real_change_event at ../gio/gsettings.c:392 #8 _g_cclosure_marshal_BOOLEAN__POINTER_INTv at ../gio/gmarshal-internal.c:428 #9 _g_closure_invoke_va at ../gobject/gclosure.c:895 #12 settings_backend_path_changed at ../gio/gsettings.c:467 #14 g_settings_backend_invoke_closure at ../gio/gsettingsbackend.c:275 #18 g_main_context_iterate.isra.0 at ../glib/gmain.c:4276 #19 g_main_context_iteration at ../glib/gmain.c:4343 #20 g_application_run at ../gio/gapplication.c:2573 Potential duplicate: bug 1933799 -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2193021

8 months, 3 weeks

1
14
0 / 0

2024

2023

2022

2021

Epel-packagers-sig October 2023