December 2016 - erlang - Fedora Mailing-Lists

[Bug 1166064] New: CVE-2012-6662 jquery-ui: XSS vulnerability in default content in Tooltip widget

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1166064 Bug ID: 1166064 Summary: CVE-2012-6662 jquery-ui: XSS vulnerability in default content in Tooltip widget Product: Security Response Component: vulnerability Keywords: Security Severity: medium Priority: medium Assignee: security-response-team(a)redhat.com Reporter: vkaigoro(a)redhat.com CC: abaron(a)redhat.com, abokovoy(a)redhat.com, andrew(a)topdog.za.net, andrewniemants(a)gmail.com, aortega(a)redhat.com, apatters(a)redhat.com, apevec(a)redhat.com, athmanem(a)gmail.com, ayoung(a)redhat.com, bazanluis20(a)gmail.com, bkabrda(a)redhat.com, bkearney(a)redhat.com, bleanhar(a)redhat.com, brett.lentz(a)gmail.com, bruno(a)wolff.to, casper(a)casperlefantom.net, cbillett(a)redhat.com, ccoleman(a)redhat.com, chat-to-me(a)raveit.de, chkr(a)plauener.de, chrisw(a)redhat.com, comzeradd(a)fedoraproject.org, cpelland(a)redhat.com, croberts(a)redhat.com, dajohnso(a)redhat.com, dallan(a)redhat.com, dan(a)danny.cz, david.r(a)ultracar.co.uk, dclarizi(a)redhat.com, devrim(a)gunduz.org, dmcphers(a)redhat.com, dridi.boukelmoune(a)gmail.com, echevemaster(a)gmail.com, emmanuel(a)seyman.fr, erlang(a)lists.fedoraproject.org, extras-orphan(a)fedoraproject.org, fabio(a)locati.cc, fdc(a)fcami.net, fedora(a)famillecollet.com, frankly3d(a)gmail.com, gbailey(a)lxpro.com, gkotton(a)redhat.com, gmccullo(a)redhat.com, herrold(a)owlriver.com, hhorak(a)redhat.com, hobbes1069(a)gmail.com, home(a)trarbentley.net, i(a)cicku.me, i(a)stingr.net, ian(a)ianweller.org, iarnell(a)gmail.com, ipa-maint(a)redhat.com, ivaxer(a)gmail.com, jamielinux(a)fedoraproject.org, jaswinder(a)kernel.org, jdetiber(a)redhat.com, jdornak(a)redhat.com, jhardy(a)redhat.com, jialiu(a)redhat.com, jimi(a)sngx.net, jkeck(a)redhat.com, jmlich(a)redhat.com, jochen(a)herr-schmitt.de, joelsmith(a)redhat.com, jokajak(a)fedoraproject.org, jokerman(a)redhat.com, jonathansteffan(a)gmail.com, jorton(a)redhat.com, jprause(a)redhat.com, jrafanie(a)redhat.com, jsmith.fedora(a)gmail.com, jstribny(a)redhat.com, jvlcek(a)redhat.com, karlthered(a)gmail.com, katello-bugs(a)redhat.com, kevin(a)scrye.com, kseifried(a)redhat.com, ktdreyer(a)ktdreyer.com, kwizart(a)gmail.com, leigh123linux(a)googlemail.com, lemenkov(a)gmail.com, lhh(a)redhat.com, limburgher(a)gmail.com, lmacken(a)redhat.com, lmeyer(a)redhat.com, loganjerry(a)gmail.com, lpeer(a)redhat.com, luto(a)mit.edu, markmc(a)redhat.com, matt(a)cs.wisc.edu, mbarnes(a)redhat.com, mburns(a)redhat.com, mcepl(a)redhat.com, mclasen(a)redhat.com, metherid(a)gmail.com, mhroncok(a)redhat.com, michel(a)michel-slm.name, mike(a)cchtml.com, miketwebster(a)gmail.com, mkosek(a)redhat.com, mmaslano(a)redhat.com, mmccomas(a)redhat.com, mmccune(a)redhat.com, mmcgrath(a)redhat.com, mrunge(a)redhat.com, nelsonab(a)red-tux.net, nonamedotc(a)gmail.com, nushio(a)fedoraproject.org, obarenbo(a)redhat.com, oliver(a)linux-kernel.at, orion(a)cora.nwra.com, paulo.cesar.pereira.de.andrade(a)gmail.com, pavel(a)zhukoff.net, perl-devel(a)lists.fedoraproject.org, peter.borsa(a)gmail.com, phalliday(a)excelsiorsystems.net, pmyers(a)redhat.com, praiskup(a)redhat.com, promac(a)gmail.com, puiterwijk(a)redhat.com, pviktori(a)redhat.com, pvoborni(a)redhat.com, python-maint(a)redhat.com, rbean(a)redhat.com, rbryant(a)redhat.com, rcritten(a)redhat.com, relrod(a)redhat.com, rhos-maint(a)redhat.com, rnovacek(a)redhat.com, robinlee.sysu(a)gmail.com, satya.komaragiri(a)gmail.com, sclewis(a)redhat.com, scott(a)foolishpride.org, sdodson(a)sdodson.com, shawn.iwinski(a)gmail.com, smparrish(a)gmail.com, ssorce(a)redhat.com, stickster(a)gmail.com, sven(a)lank.es, tadej.janez(a)tadej.hicsalta.si, tchollingsworth(a)gmail.com, thomas.moschny(a)gmx.de, thozza(a)redhat.com, tim4dev(a)gmail.com, tjay(a)redhat.com, tmckay(a)redhat.com, tomckay(a)redhat.com, vanmeeuwen+fedora(a)kolabsys.com, volker27(a)gmx.at, vondruch(a)redhat.com, vonsch(a)gmail.com, wojdyr(a)gmail.com, wtogami(a)gmail.com, xlecauch(a)redhat.com, yeylon(a)redhat.com, yohangraterol92(a)gmail.com, zbyszek(a)in.waw.pl jQuery UI 1.10.0 release fixes XSS issue [1] in jQuery Tooltip widget. >From [1]: ... WIDGETS Tooltip Fixed: XSS vulnerability in default content. (#8861, f285440) ... The issue was initially reported in [2], and then actually fixed in [3] by commit [4]. [1]: http://jqueryui.com/changelog/1.10.0/ [2]: http://bugs.jqueryui.com/ticket/8859 [3]: http://bugs.jqueryui.com/ticket/8861 [4]: https://github.com/jquery/jquery-ui/commit/f2854408cce7e4b7fc6bf867676190... -- Note: whiteboard lists quite some packages, which are known to have jQuery embedded. -- You are receiving this mail because: You are on the CC list for the bug.

7 years, 4 months

1
131
0 / 0

[Bug 1166041] New: CVE-2010-5312 jquery-ui: XSS vulnerability in jQuery.ui.dialog title option

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug ID: 1166041 Summary: CVE-2010-5312 jquery-ui: XSS vulnerability in jQuery.ui.dialog title option Product: Security Response Component: vulnerability Keywords: Security Severity: medium Priority: medium Assignee: security-response-team(a)redhat.com Reporter: vkaigoro(a)redhat.com CC: abaron(a)redhat.com, abokovoy(a)redhat.com, andrew(a)topdog.za.net, andrewniemants(a)gmail.com, aortega(a)redhat.com, apatters(a)redhat.com, apevec(a)redhat.com, athmanem(a)gmail.com, ayoung(a)redhat.com, bazanluis20(a)gmail.com, bkabrda(a)redhat.com, bkearney(a)redhat.com, bleanhar(a)redhat.com, brett.lentz(a)gmail.com, bruno(a)wolff.to, casper(a)casperlefantom.net, cbillett(a)redhat.com, ccoleman(a)redhat.com, chat-to-me(a)raveit.de, chkr(a)plauener.de, chrisw(a)redhat.com, comzeradd(a)fedoraproject.org, cpelland(a)redhat.com, croberts(a)redhat.com, dajohnso(a)redhat.com, dallan(a)redhat.com, dan(a)danny.cz, david.r(a)ultracar.co.uk, dclarizi(a)redhat.com, devrim(a)gunduz.org, dmcphers(a)redhat.com, dridi.boukelmoune(a)gmail.com, echevemaster(a)gmail.com, emmanuel(a)seyman.fr, erlang(a)lists.fedoraproject.org, extras-orphan(a)fedoraproject.org, fabio(a)locati.cc, fdc(a)fcami.net, fedora(a)famillecollet.com, frankly3d(a)gmail.com, gbailey(a)lxpro.com, gkotton(a)redhat.com, gmccullo(a)redhat.com, herrold(a)owlriver.com, hhorak(a)redhat.com, hobbes1069(a)gmail.com, home(a)trarbentley.net, i(a)cicku.me, i(a)stingr.net, ian(a)ianweller.org, iarnell(a)gmail.com, ipa-maint(a)redhat.com, ivaxer(a)gmail.com, jamielinux(a)fedoraproject.org, jaswinder(a)kernel.org, jdetiber(a)redhat.com, jdornak(a)redhat.com, jhardy(a)redhat.com, jialiu(a)redhat.com, jimi(a)sngx.net, jkeck(a)redhat.com, jmlich(a)redhat.com, jochen(a)herr-schmitt.de, joelsmith(a)redhat.com, jokajak(a)fedoraproject.org, jokerman(a)redhat.com, jonathansteffan(a)gmail.com, jorton(a)redhat.com, jprause(a)redhat.com, jrafanie(a)redhat.com, jsmith.fedora(a)gmail.com, jstribny(a)redhat.com, jvlcek(a)redhat.com, karlthered(a)gmail.com, katello-bugs(a)redhat.com, kevin(a)scrye.com, kseifried(a)redhat.com, ktdreyer(a)ktdreyer.com, kwizart(a)gmail.com, leigh123linux(a)googlemail.com, lemenkov(a)gmail.com, lhh(a)redhat.com, limburgher(a)gmail.com, lmacken(a)redhat.com, lmeyer(a)redhat.com, loganjerry(a)gmail.com, lpeer(a)redhat.com, luto(a)mit.edu, markmc(a)redhat.com, matt(a)cs.wisc.edu, mbarnes(a)redhat.com, mburns(a)redhat.com, mcepl(a)redhat.com, mclasen(a)redhat.com, metherid(a)gmail.com, mhroncok(a)redhat.com, michel(a)michel-slm.name, mike(a)cchtml.com, miketwebster(a)gmail.com, mkosek(a)redhat.com, mmaslano(a)redhat.com, mmccomas(a)redhat.com, mmccune(a)redhat.com, mmcgrath(a)redhat.com, mrunge(a)redhat.com, nelsonab(a)red-tux.net, nonamedotc(a)gmail.com, nushio(a)fedoraproject.org, obarenbo(a)redhat.com, oliver(a)linux-kernel.at, orion(a)cora.nwra.com, paulo.cesar.pereira.de.andrade(a)gmail.com, pavel(a)zhukoff.net, perl-devel(a)lists.fedoraproject.org, peter.borsa(a)gmail.com, phalliday(a)excelsiorsystems.net, pmyers(a)redhat.com, praiskup(a)redhat.com, promac(a)gmail.com, puiterwijk(a)redhat.com, pviktori(a)redhat.com, pvoborni(a)redhat.com, python-maint(a)redhat.com, rbean(a)redhat.com, rbryant(a)redhat.com, rcritten(a)redhat.com, relrod(a)redhat.com, rhos-maint(a)redhat.com, rnovacek(a)redhat.com, robinlee.sysu(a)gmail.com, satya.komaragiri(a)gmail.com, sclewis(a)redhat.com, scott(a)foolishpride.org, sdodson(a)sdodson.com, shawn.iwinski(a)gmail.com, smparrish(a)gmail.com, ssorce(a)redhat.com, stickster(a)gmail.com, sven(a)lank.es, tadej.janez(a)tadej.hicsalta.si, tchollingsworth(a)gmail.com, thomas.moschny(a)gmx.de, thozza(a)redhat.com, tim4dev(a)gmail.com, tjay(a)redhat.com, tmckay(a)redhat.com, tomckay(a)redhat.com, vanmeeuwen+fedora(a)kolabsys.com, volker27(a)gmx.at, vondruch(a)redhat.com, vonsch(a)gmail.com, wojdyr(a)gmail.com, wtogami(a)gmail.com, xlecauch(a)redhat.com, yeylon(a)redhat.com, yohangraterol92(a)gmail.com, zbyszek(a)in.waw.pl jQuery UI 1.10.0 release fixes XSS issue [1] in jQuery.ui.dialog title option. >From [1]: ... WIDGETS Dialog Fixed: Title XSS Vulnerability. (#6016, 7e9060c) ... Upstream commit that fixes this: https://github.com/jquery/jquery-ui/commit/7e9060c109b928769a664dbcc2c17b... More info can be found in the upstream bugtracker [2]. [1]: http://jqueryui.com/changelog/1.10.0/ [2]: http://bugs.jqueryui.com/ticket/6016 -- Note: whiteboard lists quite some packages, which are known to have jQuery embedded. -- You are receiving this mail because: You are on the CC list for the bug.

7 years, 4 months

1
149
0 / 0

Broken dependencies: erlang-riak_pipe

by Fedora Koji Build System

erlang-riak_pipe has broken dependencies in the rawhide tree: On ppc64: erlang-riak_pipe-1.3.2-3.fc22.ppc64 requires erlang-riak_core(ppc-64) >= 0:1.3.2 On ppc64le: erlang-riak_pipe-1.3.2-3.fc22.ppc64le requires erlang-riak_core(ppc-64) >= 0:1.3.2 Please resolve this as soon as possible.

7 years, 4 months

1
0
0 / 0

Broken dependencies: erlang-riak_pipe

by Fedora Koji Build System

erlang-riak_pipe has broken dependencies in the rawhide tree: On ppc64: erlang-riak_pipe-1.3.2-3.fc22.ppc64 requires erlang-riak_core(ppc-64) >= 0:1.3.2 On ppc64le: erlang-riak_pipe-1.3.2-3.fc22.ppc64le requires erlang-riak_core(ppc-64) >= 0:1.3.2 Please resolve this as soon as possible.

7 years, 4 months

1
0
0 / 0

Broken dependencies: erlang-riak_pipe

by Fedora Koji Build System

erlang-riak_pipe has broken dependencies in the rawhide tree: On ppc64: erlang-riak_pipe-1.3.2-3.fc22.ppc64 requires erlang-riak_core(ppc-64) >= 0:1.3.2 On ppc64le: erlang-riak_pipe-1.3.2-3.fc22.ppc64le requires erlang-riak_core(ppc-64) >= 0:1.3.2 Please resolve this as soon as possible.

7 years, 4 months

1
0
0 / 0

Broken dependencies: erlang-riak_pipe

by Fedora Koji Build System

erlang-riak_pipe has broken dependencies in the rawhide tree: On ppc64: erlang-riak_pipe-1.3.2-3.fc22.ppc64 requires erlang-riak_core(ppc-64) >= 0:1.3.2 On ppc64le: erlang-riak_pipe-1.3.2-3.fc22.ppc64le requires erlang-riak_core(ppc-64) >= 0:1.3.2 Please resolve this as soon as possible.

7 years, 4 months

1
0
0 / 0

[Bug 1404150] CVE-2015-8786 rabbitmq-server: DoS via lengths_age or lengths_incr parameter in the management plugin

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1404150 Andrej Nemec <anemec(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |1404153 -- You are receiving this mail because: You are on the CC list for the bug.

7 years, 4 months

1
0
0 / 0

[Bug 1404150] CVE-2015-8786 rabbitmq-server: DoS via lengths_age or lengths_incr parameter in the management plugin

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1404150 Andrej Nemec <anemec(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Depends On| |1404151 --- Comment #1 from Andrej Nemec <anemec(a)redhat.com> --- Created rabbitmq-server tracking bugs for this issue: Affects: epel-all [bug 1404151] Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1404151 [Bug 1404151] CVE-2015-8786 rabbitmq-server: DoS via lengths_age or lengths_incr parameter in the management plugin [epel-all] -- You are receiving this mail because: You are on the CC list for the bug.

7 years, 4 months

1
0
0 / 0

[Bug 1354694] New: erlang-protobuffs-0.8.4 is available

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1354694 Bug ID: 1354694 Summary: erlang-protobuffs-0.8.4 is available Product: Fedora Version: rawhide Component: erlang-protobuffs Keywords: FutureFeature, Triaged Assignee: lemenkov(a)gmail.com Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: erlang(a)lists.fedoraproject.org, lemenkov(a)gmail.com Latest upstream release: 0.8.4 Current version/release in rawhide: 0.8.3-1.fc25 URL: https://github.com/basho/erlang_protobuffs Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from anitya: https://release-monitoring.org/project/738/ -- You are receiving this mail because: You are on the CC list for the bug.

7 years, 4 months

1
12
0 / 0

Broken dependencies: erlang-riak_pipe

by Fedora Koji Build System

erlang-riak_pipe has broken dependencies in the rawhide tree: On ppc64: erlang-riak_pipe-1.3.2-3.fc22.ppc64 requires erlang-riak_core(ppc-64) >= 0:1.3.2 On ppc64le: erlang-riak_pipe-1.3.2-3.fc22.ppc64le requires erlang-riak_core(ppc-64) >= 0:1.3.2 Please resolve this as soon as possible.

7 years, 4 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

erlang December 2016