[Bug 2185885] New: python-django3 cannot be used to substitute python-django
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2185885
Bug ID: 2185885
Summary: python-django3 cannot be used to substitute
python-django
Product: Fedora
Version: rawhide
Status: NEW
Component: python-django3
Assignee: michel(a)michel-slm.name
Reporter: lzaoral(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: epel-packagers-sig(a)lists.fedoraproject.org,
michel(a)michel-slm.name
Target Milestone: ---
Classification: Fedora
Description of problem: python-django3 cannot be used to substitute
python-django
Version-Release number of selected component (if applicable): All available
releases for Fedora and EPEL.
How reproducible: always
Steps to Reproduce:
Run `dnf install python3-django3 python3-kobo-django`
Actual results:
Error:
Problem: package python3-kobo-django-0.19.0-2.el8.noarch requires
python3-django >= 1.6, but none of the providers can be installed
- package python3-django3-3.2.18-1.el8.noarch conflicts with python3-django
provided by python3-django-2.2.24-1.el8.noarch
- conflicting requests
(try to add '--skip-broken' to skip uninstallable packages or '--nobest' to use
not only best candidate packages)
Expected results:
Both packages install and coexist without any issues.
Additional info:
The spec is missing a respective `Provides:` declaration.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2185885
1 year, 1 month
[Bug 2185715] New: CVE-2023-1906 ImageMagick: heap-based buffer overflow in ImportMultiSpectralQuantum() in MagickCore/quantum-import.c [fedora-all]
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2185715
Bug ID: 2185715
Summary: CVE-2023-1906 ImageMagick: heap-based buffer overflow
in ImportMultiSpectralQuantum() in
MagickCore/quantum-import.c [fedora-all]
Product: Fedora
Version: 37
Status: NEW
Component: ImageMagick
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Assignee: luya_tfz(a)thefinalzone.net
Reporter: trathi(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: blaise(a)gmail.com, davide(a)cavalca.name,
epel-packagers-sig(a)lists.fedoraproject.org,
fedora(a)famillecollet.com, luya_tfz(a)thefinalzone.net,
michel(a)michel-slm.name, ngompa13(a)gmail.com,
pampelmuse(a)gmx.at, sergio(a)serjux.com
Target Milestone: ---
Classification: Fedora
More information about this security flaw is available in the following bug:
http://bugzilla.redhat.com/show_bug.cgi?id=2185714
Disclaimer: Community trackers are created by Red Hat Product Security team on
a best effort basis. Package maintainers are required to ascertain if the flaw
indeed affects their package, before starting the update process.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2185715
1 year, 1 month
[Bug 2185716] New: CVE-2023-1906 ImageMagick: heap-based buffer overflow in ImportMultiSpectralQuantum() in MagickCore/quantum-import.c [epel-8]
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2185716
Bug ID: 2185716
Summary: CVE-2023-1906 ImageMagick: heap-based buffer overflow
in ImportMultiSpectralQuantum() in
MagickCore/quantum-import.c [epel-8]
Product: Fedora EPEL
Version: epel8
Status: NEW
Component: ImageMagick
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Assignee: luya_tfz(a)thefinalzone.net
Reporter: trathi(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: blaise(a)gmail.com, davide(a)cavalca.name,
epel-packagers-sig(a)lists.fedoraproject.org,
fedora(a)famillecollet.com, luya_tfz(a)thefinalzone.net,
michel(a)michel-slm.name, ngompa13(a)gmail.com,
pampelmuse(a)gmx.at, sergio(a)serjux.com
Target Milestone: ---
Classification: Fedora
More information about this security flaw is available in the following bug:
http://bugzilla.redhat.com/show_bug.cgi?id=2185714
Disclaimer: Community trackers are created by Red Hat Product Security team on
a best effort basis. Package maintainers are required to ascertain if the flaw
indeed affects their package, before starting the update process.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2185716
1 year, 1 month
[Bug 2196644] New: CVE-2023-30861 python-flask: flask: Possible disclosure of permanent session cookie due to missing Vary: Cookie header [fedora-all]
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2196644
Bug ID: 2196644
Summary: CVE-2023-30861 python-flask: flask: Possible
disclosure of permanent session cookie due to missing
Vary: Cookie header [fedora-all]
Product: Fedora
Version: 38
Status: NEW
Component: python-flask
Keywords: Security, SecurityTracking
Severity: high
Priority: high
Assignee: fzatlouk(a)redhat.com
Reporter: mbenatto(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: danielmyoung(a)gmail.com,
epel-packagers-sig(a)lists.fedoraproject.org,
fzatlouk(a)redhat.com, hushan.jia(a)gmail.com,
karlthered(a)gmail.com, patrick(a)puiterwijk.org,
python-packagers-sig(a)lists.fedoraproject.org,
tdawson(a)redhat.com, tflink(a)redhat.com
Target Milestone: ---
Classification: Fedora
More information about this security flaw is available in the following bug:
http://bugzilla.redhat.com/show_bug.cgi?id=2196643
Disclaimer: Community trackers are created by Red Hat Product Security team on
a best effort basis. Package maintainers are required to ascertain if the flaw
indeed affects their package, before starting the update process.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2196644
1 year, 1 month