erlang December 2016

erlang@lists.fedoraproject.org

3 participants
80 discussions

[Bug 1166064] New: CVE-2012-6662 jquery-ui: XSS vulnerability in default content in Tooltip widget
by Red Hat Bugzilla 20 Dec '16

20 Dec '16

https://bugzilla.redhat.com/show_bug.cgi?id=1166064 Bug ID: 1166064 Summary: CVE-2012-6662 jquery-ui: XSS vulnerability in default content in Tooltip widget Product: Security Response Component: vulnerability Keywords: Security Severity: medium Priority: medium Assignee: security-response-team(a)redhat.com Reporter: vkaigoro(a)redhat.com CC: abaron(a)redhat.com, abokovoy(a)redhat.com, andrew(a)topdog.za.net, andrewniemants(a)gmail.com, aortega(a)redhat.com, apatters(a)redhat.com, apevec(a)redhat.com, athmanem(a)gmail.com, ayoung(a)redhat.com, bazanluis20(a)gmail.com, bkabrda(a)redhat.com, bkearney(a)redhat.com, bleanhar(a)redhat.com, brett.lentz(a)gmail.com, bruno(a)wolff.to, casper(a)casperlefantom.net, cbillett(a)redhat.com, ccoleman(a)redhat.com, chat-to-me(a)raveit.de, chkr(a)plauener.de, chrisw(a)redhat.com, comzeradd(a)fedoraproject.org, cpelland(a)redhat.com, croberts(a)redhat.com, dajohnso(a)redhat.com, dallan(a)redhat.com, dan(a)danny.cz, david.r(a)ultracar.co.uk, dclarizi(a)redhat.com, devrim(a)gunduz.org, dmcphers(a)redhat.com, dridi.boukelmoune(a)gmail.com, echevemaster(a)gmail.com, emmanuel(a)seyman.fr, erlang(a)lists.fedoraproject.org, extras-orphan(a)fedoraproject.org, fabio(a)locati.cc, fdc(a)fcami.net, fedora(a)famillecollet.com, frankly3d(a)gmail.com, gbailey(a)lxpro.com, gkotton(a)redhat.com, gmccullo(a)redhat.com, herrold(a)owlriver.com, hhorak(a)redhat.com, hobbes1069(a)gmail.com, home(a)trarbentley.net, i(a)cicku.me, i(a)stingr.net, ian(a)ianweller.org, iarnell(a)gmail.com, ipa-maint(a)redhat.com, ivaxer(a)gmail.com, jamielinux(a)fedoraproject.org, jaswinder(a)kernel.org, jdetiber(a)redhat.com, jdornak(a)redhat.com, jhardy(a)redhat.com, jialiu(a)redhat.com, jimi(a)sngx.net, jkeck(a)redhat.com, jmlich(a)redhat.com, jochen(a)herr-schmitt.de, joelsmith(a)redhat.com, jokajak(a)fedoraproject.org, jokerman(a)redhat.com, jonathansteffan(a)gmail.com, jorton(a)redhat.com, jprause(a)redhat.com, jrafanie(a)redhat.com, jsmith.fedora(a)gmail.com, jstribny(a)redhat.com, jvlcek(a)redhat.com, karlthered(a)gmail.com, katello-bugs(a)redhat.com, kevin(a)scrye.com, kseifried(a)redhat.com, ktdreyer(a)ktdreyer.com, kwizart(a)gmail.com, leigh123linux(a)googlemail.com, lemenkov(a)gmail.com, lhh(a)redhat.com, limburgher(a)gmail.com, lmacken(a)redhat.com, lmeyer(a)redhat.com, loganjerry(a)gmail.com, lpeer(a)redhat.com, luto(a)mit.edu, markmc(a)redhat.com, matt(a)cs.wisc.edu, mbarnes(a)redhat.com, mburns(a)redhat.com, mcepl(a)redhat.com, mclasen(a)redhat.com, metherid(a)gmail.com, mhroncok(a)redhat.com, michel(a)michel-slm.name, mike(a)cchtml.com, miketwebster(a)gmail.com, mkosek(a)redhat.com, mmaslano(a)redhat.com, mmccomas(a)redhat.com, mmccune(a)redhat.com, mmcgrath(a)redhat.com, mrunge(a)redhat.com, nelsonab(a)red-tux.net, nonamedotc(a)gmail.com, nushio(a)fedoraproject.org, obarenbo(a)redhat.com, oliver(a)linux-kernel.at, orion(a)cora.nwra.com, paulo.cesar.pereira.de.andrade(a)gmail.com, pavel(a)zhukoff.net, perl-devel(a)lists.fedoraproject.org, peter.borsa(a)gmail.com, phalliday(a)excelsiorsystems.net, pmyers(a)redhat.com, praiskup(a)redhat.com, promac(a)gmail.com, puiterwijk(a)redhat.com, pviktori(a)redhat.com, pvoborni(a)redhat.com, python-maint(a)redhat.com, rbean(a)redhat.com, rbryant(a)redhat.com, rcritten(a)redhat.com, relrod(a)redhat.com, rhos-maint(a)redhat.com, rnovacek(a)redhat.com, robinlee.sysu(a)gmail.com, satya.komaragiri(a)gmail.com, sclewis(a)redhat.com, scott(a)foolishpride.org, sdodson(a)sdodson.com, shawn.iwinski(a)gmail.com, smparrish(a)gmail.com, ssorce(a)redhat.com, stickster(a)gmail.com, sven(a)lank.es, tadej.janez(a)tadej.hicsalta.si, tchollingsworth(a)gmail.com, thomas.moschny(a)gmx.de, thozza(a)redhat.com, tim4dev(a)gmail.com, tjay(a)redhat.com, tmckay(a)redhat.com, tomckay(a)redhat.com, vanmeeuwen+fedora(a)kolabsys.com, volker27(a)gmx.at, vondruch(a)redhat.com, vonsch(a)gmail.com, wojdyr(a)gmail.com, wtogami(a)gmail.com, xlecauch(a)redhat.com, yeylon(a)redhat.com, yohangraterol92(a)gmail.com, zbyszek(a)in.waw.pl jQuery UI 1.10.0 release fixes XSS issue [1] in jQuery Tooltip widget. >From [1]: ... WIDGETS Tooltip Fixed: XSS vulnerability in default content. (#8861, f285440) ... The issue was initially reported in [2], and then actually fixed in [3] by commit [4]. [1]: http://jqueryui.com/changelog/1.10.0/ [2]: http://bugs.jqueryui.com/ticket/8859 [3]: http://bugs.jqueryui.com/ticket/8861 [4]: https://github.com/jquery/jquery-ui/commit/f2854408cce7e4b7fc6bf8676761904a… -- Note: whiteboard lists quite some packages, which are known to have jQuery embedded. -- You are receiving this mail because: You are on the CC list for the bug.

1 131

[Bug 1166041] New: CVE-2010-5312 jquery-ui: XSS vulnerability in jQuery.ui.dialog title option
by Red Hat Bugzilla 20 Dec '16

20 Dec '16

https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug ID: 1166041 Summary: CVE-2010-5312 jquery-ui: XSS vulnerability in jQuery.ui.dialog title option Product: Security Response Component: vulnerability Keywords: Security Severity: medium Priority: medium Assignee: security-response-team(a)redhat.com Reporter: vkaigoro(a)redhat.com CC: abaron(a)redhat.com, abokovoy(a)redhat.com, andrew(a)topdog.za.net, andrewniemants(a)gmail.com, aortega(a)redhat.com, apatters(a)redhat.com, apevec(a)redhat.com, athmanem(a)gmail.com, ayoung(a)redhat.com, bazanluis20(a)gmail.com, bkabrda(a)redhat.com, bkearney(a)redhat.com, bleanhar(a)redhat.com, brett.lentz(a)gmail.com, bruno(a)wolff.to, casper(a)casperlefantom.net, cbillett(a)redhat.com, ccoleman(a)redhat.com, chat-to-me(a)raveit.de, chkr(a)plauener.de, chrisw(a)redhat.com, comzeradd(a)fedoraproject.org, cpelland(a)redhat.com, croberts(a)redhat.com, dajohnso(a)redhat.com, dallan(a)redhat.com, dan(a)danny.cz, david.r(a)ultracar.co.uk, dclarizi(a)redhat.com, devrim(a)gunduz.org, dmcphers(a)redhat.com, dridi.boukelmoune(a)gmail.com, echevemaster(a)gmail.com, emmanuel(a)seyman.fr, erlang(a)lists.fedoraproject.org, extras-orphan(a)fedoraproject.org, fabio(a)locati.cc, fdc(a)fcami.net, fedora(a)famillecollet.com, frankly3d(a)gmail.com, gbailey(a)lxpro.com, gkotton(a)redhat.com, gmccullo(a)redhat.com, herrold(a)owlriver.com, hhorak(a)redhat.com, hobbes1069(a)gmail.com, home(a)trarbentley.net, i(a)cicku.me, i(a)stingr.net, ian(a)ianweller.org, iarnell(a)gmail.com, ipa-maint(a)redhat.com, ivaxer(a)gmail.com, jamielinux(a)fedoraproject.org, jaswinder(a)kernel.org, jdetiber(a)redhat.com, jdornak(a)redhat.com, jhardy(a)redhat.com, jialiu(a)redhat.com, jimi(a)sngx.net, jkeck(a)redhat.com, jmlich(a)redhat.com, jochen(a)herr-schmitt.de, joelsmith(a)redhat.com, jokajak(a)fedoraproject.org, jokerman(a)redhat.com, jonathansteffan(a)gmail.com, jorton(a)redhat.com, jprause(a)redhat.com, jrafanie(a)redhat.com, jsmith.fedora(a)gmail.com, jstribny(a)redhat.com, jvlcek(a)redhat.com, karlthered(a)gmail.com, katello-bugs(a)redhat.com, kevin(a)scrye.com, kseifried(a)redhat.com, ktdreyer(a)ktdreyer.com, kwizart(a)gmail.com, leigh123linux(a)googlemail.com, lemenkov(a)gmail.com, lhh(a)redhat.com, limburgher(a)gmail.com, lmacken(a)redhat.com, lmeyer(a)redhat.com, loganjerry(a)gmail.com, lpeer(a)redhat.com, luto(a)mit.edu, markmc(a)redhat.com, matt(a)cs.wisc.edu, mbarnes(a)redhat.com, mburns(a)redhat.com, mcepl(a)redhat.com, mclasen(a)redhat.com, metherid(a)gmail.com, mhroncok(a)redhat.com, michel(a)michel-slm.name, mike(a)cchtml.com, miketwebster(a)gmail.com, mkosek(a)redhat.com, mmaslano(a)redhat.com, mmccomas(a)redhat.com, mmccune(a)redhat.com, mmcgrath(a)redhat.com, mrunge(a)redhat.com, nelsonab(a)red-tux.net, nonamedotc(a)gmail.com, nushio(a)fedoraproject.org, obarenbo(a)redhat.com, oliver(a)linux-kernel.at, orion(a)cora.nwra.com, paulo.cesar.pereira.de.andrade(a)gmail.com, pavel(a)zhukoff.net, perl-devel(a)lists.fedoraproject.org, peter.borsa(a)gmail.com, phalliday(a)excelsiorsystems.net, pmyers(a)redhat.com, praiskup(a)redhat.com, promac(a)gmail.com, puiterwijk(a)redhat.com, pviktori(a)redhat.com, pvoborni(a)redhat.com, python-maint(a)redhat.com, rbean(a)redhat.com, rbryant(a)redhat.com, rcritten(a)redhat.com, relrod(a)redhat.com, rhos-maint(a)redhat.com, rnovacek(a)redhat.com, robinlee.sysu(a)gmail.com, satya.komaragiri(a)gmail.com, sclewis(a)redhat.com, scott(a)foolishpride.org, sdodson(a)sdodson.com, shawn.iwinski(a)gmail.com, smparrish(a)gmail.com, ssorce(a)redhat.com, stickster(a)gmail.com, sven(a)lank.es, tadej.janez(a)tadej.hicsalta.si, tchollingsworth(a)gmail.com, thomas.moschny(a)gmx.de, thozza(a)redhat.com, tim4dev(a)gmail.com, tjay(a)redhat.com, tmckay(a)redhat.com, tomckay(a)redhat.com, vanmeeuwen+fedora(a)kolabsys.com, volker27(a)gmx.at, vondruch(a)redhat.com, vonsch(a)gmail.com, wojdyr(a)gmail.com, wtogami(a)gmail.com, xlecauch(a)redhat.com, yeylon(a)redhat.com, yohangraterol92(a)gmail.com, zbyszek(a)in.waw.pl jQuery UI 1.10.0 release fixes XSS issue [1] in jQuery.ui.dialog title option. >From [1]: ... WIDGETS Dialog Fixed: Title XSS Vulnerability. (#6016, 7e9060c) ... Upstream commit that fixes this: https://github.com/jquery/jquery-ui/commit/7e9060c109b928769a664dbcc2c17bd2… More info can be found in the upstream bugtracker [2]. [1]: http://jqueryui.com/changelog/1.10.0/ [2]: http://bugs.jqueryui.com/ticket/6016 -- Note: whiteboard lists quite some packages, which are known to have jQuery embedded. -- You are receiving this mail because: You are on the CC list for the bug.

1 149

Broken dependencies: erlang-riak_pipe
by Fedora Koji Build System 19 Dec '16

19 Dec '16

erlang-riak_pipe has broken dependencies in the rawhide tree: On ppc64: erlang-riak_pipe-1.3.2-3.fc22.ppc64 requires erlang-riak_core(ppc-64) >= 0:1.3.2 On ppc64le: erlang-riak_pipe-1.3.2-3.fc22.ppc64le requires erlang-riak_core(ppc-64) >= 0:1.3.2 Please resolve this as soon as possible.

1 0

Broken dependencies: erlang-riak_pipe
by Fedora Koji Build System 19 Dec '16

19 Dec '16

1 0

Broken dependencies: erlang-riak_pipe
by Fedora Koji Build System 15 Dec '16

15 Dec '16

1 0

Broken dependencies: erlang-riak_pipe
by Fedora Koji Build System 15 Dec '16

15 Dec '16

1 0

[Bug 1404150] CVE-2015-8786 rabbitmq-server: DoS via lengths_age or lengths_incr parameter in the management plugin
by Red Hat Bugzilla 13 Dec '16

13 Dec '16

1 0

[Bug 1404150] CVE-2015-8786 rabbitmq-server: DoS via lengths_age or lengths_incr parameter in the management plugin
by Red Hat Bugzilla 13 Dec '16

13 Dec '16

https://bugzilla.redhat.com/show_bug.cgi?id=1404150 Andrej Nemec <anemec(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Depends On| |1404151 --- Comment #1 from Andrej Nemec <anemec(a)redhat.com> --- Created rabbitmq-server tracking bugs for this issue: Affects: epel-all [bug 1404151] Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1404151 [Bug 1404151] CVE-2015-8786 rabbitmq-server: DoS via lengths_age or lengths_incr parameter in the management plugin [epel-all] -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1354694] New: erlang-protobuffs-0.8.4 is available
by Red Hat Bugzilla 11 Dec '16

11 Dec '16

https://bugzilla.redhat.com/show_bug.cgi?id=1354694 Bug ID: 1354694 Summary: erlang-protobuffs-0.8.4 is available Product: Fedora Version: rawhide Component: erlang-protobuffs Keywords: FutureFeature, Triaged Assignee: lemenkov(a)gmail.com Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: erlang(a)lists.fedoraproject.org, lemenkov(a)gmail.com Latest upstream release: 0.8.4 Current version/release in rawhide: 0.8.3-1.fc25 URL: https://github.com/basho/erlang_protobuffs Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from anitya: https://release-monitoring.org/project/738/ -- You are receiving this mail because: You are on the CC list for the bug.

1 12

Broken dependencies: erlang-riak_pipe
by Fedora Koji Build System 11 Dec '16

11 Dec '16

1 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

erlang December 2016