January 2024 - Epel-packagers-sig - Fedora mailing-lists

[Bug 2249287] New: TRIAGE CVE-2023-46695 python-django3: python-django: Potential denial of service vulnerability in UsernameField on Windows [fedora-all]
by bugzilla＠redhat.com 11 Apr '24

11 Apr '24

https://bugzilla.redhat.com/show_bug.cgi?id=2249287 Bug ID: 2249287 Summary: TRIAGE CVE-2023-46695 python-django3: python-django: Potential denial of service vulnerability in UsernameField on Windows [fedora-all] Product: Fedora Version: 39 Status: NEW Component: python-django3 Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: michel(a)michel-slm.name Reporter: ntait(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, michel(a)michel-slm.name Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: http://bugzilla.redhat.com/show_bug.cgi?id=2247097 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2249287 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 3

[Bug 2249285] New: TRIAGE CVE-2023-46695 python-django3: python-django: Potential denial of service vulnerability in UsernameField on Windows [epel-all]
by bugzilla＠redhat.com 11 Apr '24

11 Apr '24

https://bugzilla.redhat.com/show_bug.cgi?id=2249285 Bug ID: 2249285 Summary: TRIAGE CVE-2023-46695 python-django3: python-django: Potential denial of service vulnerability in UsernameField on Windows [epel-all] Product: Fedora EPEL Version: epel8 Status: NEW Component: python-django3 Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: michel(a)michel-slm.name Reporter: ntait(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, michel(a)michel-slm.name Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: http://bugzilla.redhat.com/show_bug.cgi?id=2247097 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2249285 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 3

[Bug 2209669] New: hugo-0.112.2 is available
by bugzilla＠redhat.com 09 Apr '24

09 Apr '24

https://bugzilla.redhat.com/show_bug.cgi?id=2209669 Bug ID: 2209669 Summary: hugo-0.112.2 is available Product: Fedora Version: rawhide Status: NEW Component: hugo Keywords: FutureFeature, Triaged Assignee: athoscribeiro(a)gmail.com Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: athoscribeiro(a)gmail.com, epel-packagers-sig(a)lists.fedoraproject.org, go-sig(a)lists.fedoraproject.org, quantum.analyst(a)gmail.com, redhat(a)flyn.org Target Milestone: --- Classification: Fedora Releases retrieved: 0.112.0, 0.112.1, 0.112.2 Upstream release that is considered latest: 0.112.2 Current version/release in rawhide: 0.111.3-1.fc39 URL: https://gohugo.io Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_M… Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/12959/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/hugo -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2209669

1 117

[Bug 2211562] New: python-atpublic-3.1.2 is available
by bugzilla＠redhat.com 09 Apr '24

09 Apr '24

https://bugzilla.redhat.com/show_bug.cgi?id=2211562 Bug ID: 2211562 Summary: python-atpublic-3.1.2 is available Product: Fedora Version: rawhide Status: NEW Component: python-atpublic Keywords: FutureFeature, Triaged Assignee: aurelien(a)bompard.org Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: aurelien(a)bompard.org, epel-packagers-sig(a)lists.fedoraproject.org, jonathan(a)almalinux.org Target Milestone: --- Classification: Fedora Releases retrieved: 3.1.2 Upstream release that is considered latest: 3.1.2 Current version/release in rawhide: 3.1.1-2.fc38 URL: http://public.readthedocs.io Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_M… Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/19703/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/python-atpublic -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2211562

1 8

[Bug 2214505] New: golang-x-term-0.9.0 is available
by bugzilla＠redhat.com 07 Apr '24

07 Apr '24

https://bugzilla.redhat.com/show_bug.cgi?id=2214505 Bug ID: 2214505 Summary: golang-x-term-0.9.0 is available Product: Fedora Version: rawhide Status: NEW Component: golang-x-term Keywords: FutureFeature, Triaged Assignee: extras-orphan(a)fedoraproject.org Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, extras-orphan(a)fedoraproject.org, go-sig(a)lists.fedoraproject.org Target Milestone: --- Classification: Fedora Releases retrieved: 0.9.0 Upstream release that is considered latest: 0.9.0 Current version/release in rawhide: 0.8.0-1.fc39 URL: https://github.com/golang/term Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_M… Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/328428/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/golang-x-term -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2214505 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 20

[Bug 2125734] New: Please branch and build python-rpmautospec in epel8.
by bugzilla＠redhat.com 06 Apr '24

06 Apr '24

https://bugzilla.redhat.com/show_bug.cgi?id=2125734 Bug ID: 2125734 Summary: Please branch and build python-rpmautospec in epel8. Product: Fedora EPEL Version: epel8 Status: NEW Component: python-rpmautospec Assignee: asaleh(a)redhat.com Reporter: gotmax(a)e.email CC: asaleh(a)redhat.com, epel-packagers-sig(a)lists.fedoraproject.org, infra-sig(a)lists.fedoraproject.org, michel(a)michel-slm.name, nphilipp(a)redhat.com Target Milestone: --- Classification: Fedora Please branch and build python-rpmautospec in epel8. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2125734

1 8

[Bug 2223039] New: Something is preventing unicorn from building on s390x
by bugzilla＠redhat.com 04 Apr '24

04 Apr '24

https://bugzilla.redhat.com/show_bug.cgi?id=2223039 Bug ID: 2223039 Summary: Something is preventing unicorn from building on s390x Product: Fedora Version: rawhide OS: Linux Status: NEW Component: unicorn Severity: medium Assignee: redhat(a)flyn.org Reporter: mike(a)flyn.org QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, mail(a)fabian-affolter.ch, redhat(a)flyn.org Target Milestone: --- Classification: Fedora Building unicorn on Fedora's s390x build hosts fails with the error message below. I suspect this is due to a compiler change or perhaps a change to a dependency. Reproducible: Always Steps to Reproduce: Run "fedpkg build" from the package's Git repository. Actual Results: See https://kojipkgs.fedoraproject.org//work/tasks/8545/103368545/build.log. Here is a summary: /usr/bin/ld: libunicorn.so.2: undefined reference to `helper_atomic_ldo_le_mmu_ppc64' /usr/bin/ld: libunicorn.so.2: undefined reference to `helper_atomic_ldo_be_mmu_ppc64' /usr/bin/ld: libunicorn.so.2: undefined reference to `helper_atomic_cmpxchgo_le_mmu_aarch64' /usr/bin/ld: libunicorn.so.2: undefined reference to `helper_atomic_cmpxchgo_be_mmu_aarch64' /usr/bin/ld: libunicorn.so.2: undefined reference to `helper_atomic_sto_be_mmu_s390x' /usr/bin/ld: libunicorn.so.2: undefined reference to `helper_atomic_ldo_be_mmu_s390x' /usr/bin/ld: libunicorn.so.2: undefined reference to `helper_atomic_cmpxchgo_be_mmu_s390x' /usr/bin/ld: libunicorn.so.2: undefined reference to `helper_atomic_cmpxchgo_be_mmu_ppc64' /usr/bin/ld: libunicorn.so.2: undefined reference to `helper_atomic_sto_be_mmu_ppc64' /usr/bin/ld: libunicorn.so.2: undefined reference to `helper_atomic_cmpxchgo_le_mmu_ppc64' /usr/bin/ld: libunicorn.so.2: undefined reference to `helper_atomic_sto_le_mmu_ppc64' collect2: error: ld returned 1 exit status gmake[2]: *** [CMakeFiles/sample_batch_reg.dir/build.make:98: sample_batch_reg] Error 1 gmake[1]: *** [CMakeFiles/Makefile2:779: CMakeFiles/sample_batch_reg.dir/all] Error 2 A similar report upstream: https://github.com/unicorn-engine/unicorn/issues/1840 -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2223039 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 6

[Bug 2249897] New: [abrt] nemo: viewed_file_changed_callback(): nemo killed by SIGSEGV
by bugzilla＠redhat.com 04 Apr '24

04 Apr '24

https://bugzilla.redhat.com/show_bug.cgi?id=2249897 Bug ID: 2249897 Summary: [abrt] nemo: viewed_file_changed_callback(): nemo killed by SIGSEGV Product: Fedora Version: 39 Hardware: x86_64 Status: NEW Whiteboard: abrt_hash:bcd1cfc430f185ffd00c57e648a7c6e7c20cf6ba;VAR IANT_ID=cinnamon; Component: nemo Assignee: leigh123linux(a)googlemail.com Reporter: zsolt.janosi(a)yandex.com QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, leigh123linux(a)googlemail.com, riehecky(a)fnal.gov Target Milestone: --- Classification: Fedora Version-Release number of selected component: nemo-5.8.5-3.fc39 Additional info: reporter: libreport-2.17.11 runlevel: N 5 journald_cursor: s=ccbab5c9604c4265839cd7bcc4a0fcea;i=6727;b=223f98279c424a90a98d77583c6fb5c3;m=142f5137c;t=60a21655c7673;x=40b7af9a999478d7 type: CCpp kernel: 6.5.11-300.fc39.x86_64 cmdline: /usr/bin/nemo /run/media/ks42/redBlackpen executable: /usr/bin/nemo reason: nemo killed by SIGSEGV cgroup: 0::/user.slice/user-1000.slice/session-2.scope rootdir: / backtrace_rating: 4 uid: 1000 crash_function: viewed_file_changed_callback package: nemo-5.8.5-3.fc39 Truncated backtrace: Thread no. 1 (15 frames) #0 viewed_file_changed_callback at ../src/nemo-window-manage-views.c:289 #2 signal_emit_unlocked_R.isra.0 at ../gobject/gsignal.c:3980 #3 signal_emit_valist_unlocked at ../gobject/gsignal.c:3612 #6 nemo_file_emit_changed at ../libnemo-private/nemo-file.c:7953 #7 nemo_directory_emit_change_signals at ../libnemo-private/nemo-directory.c:776 #8 call_files_changed_common at ../libnemo-private/nemo-directory.c:870 #9 call_files_changed_unref_free_list at ../libnemo-private/nemo-directory.c:889 #10 g_hash_table_foreach at ../glib/ghash.c:2176 #11 nemo_directory_notify_files_removed at ../libnemo-private/nemo-directory.c:1158 #12 nemo_file_changes_consume_changes.constprop.0 at ../libnemo-private/nemo-file-changes-queue.c:314 #13 call_consume_changes_idle_cb at ../libnemo-private/nemo-monitor.c:69 #16 g_main_context_dispatch_unlocked at ../glib/gmain.c:4284 #17 g_main_context_iterate_unlocked.isra.0 at ../glib/gmain.c:4349 #18 g_main_context_iteration at ../glib/gmain.c:4414 #19 g_application_run at ../gio/gapplication.c:2577 -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2249897 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 1

[Bug 2231642] New: GraphicsMagick-1.3.41 is available
by bugzilla＠redhat.com 23 Mar '24

23 Mar '24

https://bugzilla.redhat.com/show_bug.cgi?id=2231642 Bug ID: 2231642 Summary: GraphicsMagick-1.3.41 is available Product: Fedora Version: rawhide Status: NEW Component: GraphicsMagick Keywords: FutureFeature, Triaged Assignee: andreas(a)bawue.net Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: andreas(a)bawue.net, davide(a)cavalca.name, epel-packagers-sig(a)lists.fedoraproject.org, michel(a)michel-slm.name, ngompa13(a)gmail.com, rdieter(a)gmail.com Target Milestone: --- Classification: Fedora Releases retrieved: 1.3.41 Upstream release that is considered latest: 1.3.41 Current version/release in rawhide: 1.3.40-3.fc39 URL: http://www.graphicsmagick.org/ Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_M… Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/1248/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/GraphicsMagick -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2231642 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 3

[Bug 2261956] New: python-pytest-django-4.8.0 is available
by bugzilla＠redhat.com 23 Mar '24

23 Mar '24

https://bugzilla.redhat.com/show_bug.cgi?id=2261956 Bug ID: 2261956 Summary: python-pytest-django-4.8.0 is available Product: Fedora Version: rawhide Status: NEW Component: python-pytest-django Keywords: FutureFeature, Triaged Assignee: mail(a)fabian-affolter.ch Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, mail(a)fabian-affolter.ch, michel(a)michel-slm.name Target Milestone: --- Classification: Fedora Releases retrieved: 4.8.0 Upstream release that is considered latest: 4.8.0 Current version/release in rawhide: 4.1.0-12.fc40 URL: https://pypi.org/project/pytest-django/3.7.0 Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_M… Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/40846/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/python-pytest-django -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2261956 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 5

2024

2023

2022

2021

Epel-packagers-sig January 2024