https://bugzilla.redhat.com/show_bug.cgi?id=1188024
Bug ID: 1188024
Summary: erlang-lfe-0.9.1 is available
Product: Fedora
Version: rawhide
Component: erlang-lfe
Keywords: FutureFeature, Triaged
Assignee: lemenkov(a)gmail.com
Reporter: upstream-release-monitoring(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: erlang(a)lists.fedoraproject.org, lemenkov(a)gmail.com
Latest upstream release: 0.9.1
Current version/release in Fedora Rawhide: 0.9.0-2.fc22
URL: https://github.com/rvirding/lfe/tags
Please consult the package updates policy before you issue an update to a
stable branch: https://fedoraproject.org/wiki/Updates_Policy
More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring Soon this service
will be implemented by a new system: https://release-monitoring.org/
It will require to manage monitored projects via a new web interface. Please
make yourself familiar with the new system to ease the transition.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1185515
Bug ID: 1185515
Summary: RabbitMQ: /api/definitions rsponse splitting
vulnerability
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: kseifried(a)redhat.com
CC: abaron(a)redhat.com, aortega(a)redhat.com,
apevec(a)redhat.com, ayoung(a)redhat.com,
chrisw(a)redhat.com, dallan(a)redhat.com,
erlang(a)lists.fedoraproject.org, gkotton(a)redhat.com,
hubert.plociniczak(a)gmail.com, jeckersb(a)redhat.com,
josh(a)fornwall.com, lemenkov(a)gmail.com, lhh(a)redhat.com,
lpeer(a)redhat.com, markmc(a)redhat.com,
pmyers(a)redhat.com, rbryant(a)redhat.com,
rjones(a)redhat.com, s(a)shk.io, sclewis(a)redhat.com,
yeylon(a)redhat.com
26433 fix response-splitting vulnerability in /api/downloads (since 2.1.0)
Bug 26433 allowed an attacker to specify a URL to /api/definitions which
would cause an arbitrary additional header to be returned. This was
fixed by stripping out CR/LF from the "download" query string parameter.
Upstream patches:
http://hg.rabbitmq.com/rabbitmq-management/rev/dceba16cc105
References:
https://groups.google.com/forum/#!topic/rabbitmq-users/-3Z2FyGtXhs
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1185514
Bug ID: 1185514
Summary: RabbitMQ: /api/... XSS vulnerability
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: kseifried(a)redhat.com
CC: abaron(a)redhat.com, aortega(a)redhat.com,
apevec(a)redhat.com, ayoung(a)redhat.com,
chrisw(a)redhat.com, dallan(a)redhat.com,
erlang(a)lists.fedoraproject.org, gkotton(a)redhat.com,
hubert.plociniczak(a)gmail.com, jeckersb(a)redhat.com,
josh(a)fornwall.com, lemenkov(a)gmail.com, lhh(a)redhat.com,
lpeer(a)redhat.com, markmc(a)redhat.com,
pmyers(a)redhat.com, rbryant(a)redhat.com,
rjones(a)redhat.com, s(a)shk.io, sclewis(a)redhat.com,
yeylon(a)redhat.com
26437 prevent /api/* from returning text/html error messages which could act as
an XSS vector (since 2.1.0)
Bug 26437 allowed an attacker to create a URL to "/api/..." which would
provoke an internal server error, resulting in the server returning an
html page with text from the URL embedded and not escaped. This was
fixed by ensuring all URLs below /api/ only ever return responses with a
content type of application/json, even in the case of an internal server
error.
Upstream patches:
http://hg.rabbitmq.com/rabbitmq-web-dispatch/rev/caf3d0a80cf3
References:
https://groups.google.com/forum/#!topic/rabbitmq-users/-3Z2FyGtXhs
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1027085
Bug ID: 1027085
Summary: erlang-riaknostic-1.2.0 is available
Product: Fedora
Version: rawhide
Component: erlang-riaknostic
Keywords: FutureFeature, Triaged
Assignee: lemenkov(a)gmail.com
Reporter: upstream-release-monitoring(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: erlang(a)lists.fedoraproject.org, lemenkov(a)gmail.com
Latest upstream release: 1.2.0
Current version/release in Fedora Rawhide: 1.1.0-1.fc20
URL: https://api.github.com/repos/basho/riaknostic/tags
Please consult the package updates policy before you issue an update to a
stable branch: https://fedoraproject.org/wiki/Updates_Policy
More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1152267
Bug ID: 1152267
Summary: Support multiple instances of couchdb
Product: Fedora
Version: rawhide
Component: couchdb
Assignee: lemenkov(a)gmail.com
Reporter: thomas(a)apestaart.org
QA Contact: extras-qa(a)fedoraproject.org
CC: erlang(a)lists.fedoraproject.org, lemenkov(a)gmail.com,
wtogami(a)gmail.com
Created attachment 946532
--> https://bugzilla.redhat.com/attachment.cgi?id=946532&action=edit
older style init file
Description of problem:
couchdb is often used as a supporting database for different software which
recommends using a different separate instance for various reasons. Examples I
know of are:
- hood.ie which uses different parameters for the config of couchdb
- feat, a clustering agent which uses python view servers which need to be
custom-configured
- desktopcouch, which uses per-user couch instances
- puppet can use it as an ENC
I'm adding an init file (for older Fedora and pre-7 RHEL), and a systemd
multiple instances file.
In my puppet modules for couchdb, I also add some selinux rules for these
differently named instances, which potentially might make sense to just put in
selinux-policy-targeted instead.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1028657
Bug ID: 1028657
Summary: couchdb should also be usable under normal users
Product: Fedora
Version: rawhide
Component: couchdb
Assignee: lemenkov(a)gmail.com
Reporter: cickumqt(a)gmail.com
QA Contact: extras-qa(a)fedoraproject.org
CC: erlang(a)lists.fedoraproject.org, lemenkov(a)gmail.com
1. Running under normal user:
[rpmaker@fab fedpkg]$ couchdb
Apache CouchDB 1.3.1 (LogLevel=info) is starting.
Error opening log file /var/log/couchdb/couch.log: permission denied{"init
terminating in
do_boot",{{badmatch,{error,{bad_return,{{couch_app,start,[normal,["/etc/couchdb/default.ini","/etc/couchdb/local.ini"]]},{'EXIT',{{badmatch,{error,{shutdown,{failed_to_start_child,couch_primary_services,{shutdown,{failed_to_start_child,couch_log,{error,"permission
denied","/var/log/couchdb/couch.log"}}}}}}},[{couch_server_sup,start_server,1,[{file,"couch_server_sup.erl"},{line,98}]},{application_master,start_it_old,4,[{file,"application_master.erl"},{line,269}]}]}}}}}},[{couch,start,0,[{file,"couch.erl"},{line,18}]},{init,start_it,1,[]},{init,start_em,1,[]}]}}
2. Running under root:
[root@fab fedpkg]# couchdb
Apache CouchDB 1.3.1 (LogLevel=info) is starting.
Apache CouchDB has started. Time to relax.
[info] [<0.31.0>] Apache CouchDB has started on http://127.0.0.1:5984/
I don't know why this happened, but I think there might have some dirs/files
are operated by incorrect permissions setting.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1095727
Bug ID: 1095727
Summary: Remove dependency on erlang-wx from erlang-reltool
Product: Fedora
Version: rawhide
Component: erlang
Assignee: lemenkov(a)gmail.com
Reporter: lemenkov(a)gmail.com
QA Contact: extras-qa(a)fedoraproject.org
CC: erlang(a)lists.fedoraproject.org, lemenkov(a)gmail.com,
rhbugs(a)n-dimensional.de, s(a)shk.io
Subj
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1095721
Bug ID: 1095721
Summary: Remove dependency on erlang-wx from erlang-observer
Product: Fedora
Version: rawhide
Component: erlang
Assignee: lemenkov(a)gmail.com
Reporter: lemenkov(a)gmail.com
QA Contact: extras-qa(a)fedoraproject.org
CC: erlang(a)lists.fedoraproject.org, lemenkov(a)gmail.com,
rhbugs(a)n-dimensional.de, s(a)shk.io
Subj
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1095718
Bug ID: 1095718
Summary: Remove dependency on erlang-wx from erlang-et
Product: Fedora
Version: rawhide
Component: erlang
Assignee: lemenkov(a)gmail.com
Reporter: lemenkov(a)gmail.com
QA Contact: extras-qa(a)fedoraproject.org
CC: erlang(a)lists.fedoraproject.org, lemenkov(a)gmail.com,
rhbugs(a)n-dimensional.de, s(a)shk.io
Subj
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1095717
Bug ID: 1095717
Summary: Remove dependency on erlang-wx from erlang-dialyzer
Product: Fedora
Version: rawhide
Component: erlang
Assignee: lemenkov(a)gmail.com
Reporter: lemenkov(a)gmail.com
QA Contact: extras-qa(a)fedoraproject.org
CC: erlang(a)lists.fedoraproject.org, lemenkov(a)gmail.com,
rhbugs(a)n-dimensional.de, s(a)shk.io
Subj
--
You are receiving this mail because:
You are on the CC list for the bug.