May 2023 - Epel-packagers-sig - Fedora mailing-lists

[Bug 2209196] New: python-typing-extensions-4.6.0 is available
by bugzilla＠redhat.com 12 Jun '23

12 Jun '23

https://bugzilla.redhat.com/show_bug.cgi?id=2209196 Bug ID: 2209196 Summary: python-typing-extensions-4.6.0 is available Product: Fedora Version: rawhide Status: NEW Component: python-typing-extensions Keywords: FutureFeature, Triaged Assignee: hegjon(a)gmail.com Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: code(a)musicinmybrain.net, epel-packagers-sig(a)lists.fedoraproject.org, hegjon(a)gmail.com, mail(a)fabian-affolter.ch, michel(a)michel-slm.name Target Milestone: --- Classification: Fedora Releases retrieved: 4.6.0 Upstream release that is considered latest: 4.6.0 Current version/release in rawhide: 4.5.0-1.fc39 URL: https://pypi.org/project/typing-extensions Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_M… Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/19755/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/python-typing-extensions -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2209196

1 4

[Bug 2188758] New: rocksdb-8.1.1 is available
by bugzilla＠redhat.com 12 Jun '23

12 Jun '23

https://bugzilla.redhat.com/show_bug.cgi?id=2188758 Bug ID: 2188758 Summary: rocksdb-8.1.1 is available Product: Fedora Version: rawhide Status: NEW Component: rocksdb Keywords: FutureFeature, Triaged Assignee: hegjon(a)gmail.com Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: davide(a)cavalca.name, epel-packagers-sig(a)lists.fedoraproject.org, hegjon(a)gmail.com, mmuzila(a)redhat.com Target Milestone: --- Classification: Fedora Releases retrieved: 8.1.1 Upstream release that is considered latest: 8.1.1 Current version/release in rawhide: 8.0.0-1.fc39 URL: https://github.com/facebook/rocksdb Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_M… Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/15560/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/rocksdb -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2188758

1 3

[Bug 2162188] New: CVE-2022-41721 golang-x-net: x/net/http2/h2c: request smuggling [epel-8]
by bugzilla＠redhat.com 12 Jun '23

12 Jun '23

https://bugzilla.redhat.com/show_bug.cgi?id=2162188 Bug ID: 2162188 Summary: CVE-2022-41721 golang-x-net: x/net/http2/h2c: request smuggling [epel-8] Product: Fedora EPEL Version: epel8 Status: NEW Component: golang-x-net Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: zebob.m(a)gmail.com Reporter: askrabec(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, go-sig(a)lists.fedoraproject.org, zebob.m(a)gmail.com Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: http://bugzilla.redhat.com/show_bug.cgi?id=2162182 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2162188

1 4

[Bug 2196777] New: golang-x-tools-0.9.1 is available
by bugzilla＠redhat.com 11 Jun '23

11 Jun '23

https://bugzilla.redhat.com/show_bug.cgi?id=2196777 Bug ID: 2196777 Summary: golang-x-tools-0.9.1 is available Product: Fedora Version: rawhide Status: NEW Component: golang-x-tools Keywords: FutureFeature, Triaged Assignee: zebob.m(a)gmail.com Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, go-sig(a)lists.fedoraproject.org, zebob.m(a)gmail.com Target Milestone: --- Classification: Fedora Releases retrieved: 0.9.0, 0.9.1 Upstream release that is considered latest: 0.9.1 Current version/release in rawhide: 0.6.0-2.fc39 URL: https://github.com/golang/tools Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_M… Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/9382/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/golang-x-tools -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2196777

1 13

[Bug 2175556] New: golang-x-crypto-0.7.0 is available
by bugzilla＠redhat.com 11 Jun '23

11 Jun '23

https://bugzilla.redhat.com/show_bug.cgi?id=2175556 Bug ID: 2175556 Summary: golang-x-crypto-0.7.0 is available Product: Fedora Version: rawhide Status: NEW Component: golang-x-crypto Keywords: FutureFeature, Triaged Assignee: zebob.m(a)gmail.com Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, go-sig(a)lists.fedoraproject.org, zebob.m(a)gmail.com Target Milestone: --- Classification: Fedora Releases retrieved: 0.7.0 Upstream release that is considered latest: 0.7.0 Current version/release in rawhide: 0.6.0-1.fc39 URL: https://github.com/golang/crypto Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_M… Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/328419/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/golang-x-crypto -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2175556

1 12

[Bug 2203614] New: python-flit-3.9.0 is available
by bugzilla＠redhat.com 09 Jun '23

09 Jun '23

https://bugzilla.redhat.com/show_bug.cgi?id=2203614 Bug ID: 2203614 Summary: python-flit-3.9.0 is available Product: Fedora Version: rawhide Status: NEW Component: python-flit Keywords: FutureFeature, Triaged Assignee: mhroncok(a)redhat.com Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, maxwell(a)gtmx.me, mhroncok(a)redhat.com, michel(a)michel-slm.name, python-packagers-sig(a)lists.fedoraproject.org Target Milestone: --- Classification: Fedora Releases retrieved: 3.9.0 Upstream release that is considered latest: 3.9.0 Current version/release in rawhide: 3.8.0-2.fc38 URL: https://flit.readthedocs.io/en/latest/ Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_M… Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/12061/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/python-flit -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2203614

1 3

[Bug 2210123] New: F38FailsToInstall: academic-admin
by bugzilla＠redhat.com 09 Jun '23

09 Jun '23

https://bugzilla.redhat.com/show_bug.cgi?id=2210123 Bug ID: 2210123 Summary: F38FailsToInstall: academic-admin Product: Fedora Version: 38 Status: NEW Component: academic-admin Assignee: redhat(a)flyn.org Reporter: fti-bugs(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, redhat(a)flyn.org Blocks: 2117177 (F38FailsToInstall) Target Milestone: --- Classification: Fedora Hello, Please note that this comment was generated automatically by https://pagure.io/releng/blob/main/f/scripts/ftbfs-fti/follow-policy.py If you feel that this output has mistakes, please open an issue at https://pagure.io/releng/ Your package (academic-admin) Fails To Install in Fedora 38: can't install academic-admin: - nothing provides python3.11dist(ruamel-yaml) = 0.17.22 needed by academic-admin-0.8.1-1.fc38.noarch If you know about this problem and are planning on fixing it, please acknowledge so by setting the bug status to ASSIGNED. If you don't have time to maintain this package, consider orphaning it, so maintainers of dependent packages realize the problem. If you don't react accordingly to the policy for FTBFS/FTI bugs (https://docs.fedoraproject.org/en-US/fesco/Fails_to_build_from_source_Fails…), your package may be orphaned in 8+ weeks. P.S. The data was generated solely from koji buildroot, so it might be newer than the latest compose or the content on mirrors. To reproduce, use the koji/local repo only, e.g. in mock: $ mock -r fedora-38-x86_64 --config-opts mirrored=False install academic-admin P.P.S. If this bug has been reported in the middle of upgrading multiple dependent packages, please consider using side tags: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/#updating-inter-d… Thanks! Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=2117177 [Bug 2117177] Fedora 38 Fails To install Tracker -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2210123

1 3

[Bug 2210306] New: Please branch and build python-testrepository in epel9
by bugzilla＠redhat.com 08 Jun '23

08 Jun '23

https://bugzilla.redhat.com/show_bug.cgi?id=2210306 Bug ID: 2210306 Summary: Please branch and build python-testrepository in epel9 Product: Fedora EPEL Version: epel9 Status: NEW Component: python-testrepository Assignee: epel-packagers-sig(a)lists.fedoraproject.org Reporter: jcapitao(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: apevec(a)redhat.com, davide(a)cavalca.name, epel-packagers-sig(a)lists.fedoraproject.org, mrunge(a)redhat.com Target Milestone: --- Classification: Fedora Please branch and build python-testrepository in epel9. -- You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2210306

1 8

[Bug 2127351] New: CVE-2020-7677 yarnpkg: thenify: Arbitrary Code Execution in thenify [fedora-all]
by bugzilla＠redhat.com 05 Jun '23

05 Jun '23

https://bugzilla.redhat.com/show_bug.cgi?id=2127351 Bug ID: 2127351 Summary: CVE-2020-7677 yarnpkg: thenify: Arbitrary Code Execution in thenify [fedora-all] Product: Fedora Version: 36 Status: NEW Component: yarnpkg Keywords: Security, SecurityTracking Severity: high Priority: high Assignee: zsvetlik(a)redhat.com Reporter: ahanwate(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, ngompa13(a)gmail.com, zsvetlik(a)redhat.com Target Milestone: --- Classification: Fedora This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of fedora-all. For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When submitting as an update, use the fedpkg template provided in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs. Please also mention the CVE IDs being fixed in the RPM changelog and the fedpkg commit message. NOTE: this issue affects multiple supported versions of Fedora. While only one tracking bug has been filed, please correct all affected versions at the same time. If you need to fix the versions independent of each other, you may clone this bug as appropriate. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2127351

1 10

[Bug 2135472] New: CVE-2022-3517 yarnpkg: nodejs-minimatch: ReDoS via the braceExpand function [fedora-all]
by bugzilla＠redhat.com 05 Jun '23

05 Jun '23

https://bugzilla.redhat.com/show_bug.cgi?id=2135472 Bug ID: 2135472 Summary: CVE-2022-3517 yarnpkg: nodejs-minimatch: ReDoS via the braceExpand function [fedora-all] Product: Fedora Version: 36 Status: NEW Component: yarnpkg Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: zsvetlik(a)redhat.com Reporter: gsuckevi(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, ngompa13(a)gmail.com, zsvetlik(a)redhat.com Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: http://bugzilla.redhat.com/show_bug.cgi?id=2134609 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2135472

1 10

2024

2023

2022

2021

Epel-packagers-sig May 2023