[Bug 1409710] New:
erlang should support noarch packages being installed in /usr/lib/erlang/
lib/
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1409710
Bug ID: 1409710
Summary: erlang should support noarch packages being installed
in /usr/lib/erlang/lib/
Product: Fedora
Version: rawhide
Component: erlang
Severity: medium
Assignee: lemenkov(a)gmail.com
Reporter: randy(a)electronsweatshop.com
QA Contact: extras-qa(a)fedoraproject.org
CC: erlang(a)lists.fedoraproject.org, jeckersb(a)redhat.com,
lemenkov(a)gmail.com, rhbugs(a)n-dimensional.de, s(a)shk.io
Description of problem:
Currently, all Erlang libraries are installed into /usr/lib64/erlang/lib/ on
x86_64 systems, regardless of whether they have any arch-dependent code. This
causes rpmlint errors, and also causes longer build times for pure-Erlang
packages.
We should adjust Erlang path searching setting so that noarch libraries can be
installed to /usr/lib/erlang/lib/ so they can officially become noarch
packages.
--
You are receiving this mail because:
You are on the CC list for the bug.
6 years, 8 months
[Bug 1433985] New: CVE-2016-10253 erlang:
Heap-buffer overflow via regular expressions
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1433985
Bug ID: 1433985
Summary: CVE-2016-10253 erlang: Heap-buffer overflow via
regular expressions
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: anemec(a)redhat.com
CC: aortega(a)redhat.com, apevec(a)redhat.com,
ayoung(a)redhat.com, chrisw(a)redhat.com,
cvsbot-xmlrpc(a)redhat.com,
erlang(a)lists.fedoraproject.org, jeckersb(a)redhat.com,
jjoyce(a)redhat.com, jschluet(a)redhat.com,
kbasil(a)redhat.com, lemenkov(a)gmail.com, lhh(a)redhat.com,
lpeer(a)redhat.com, markmc(a)redhat.com,
plemenko(a)redhat.com, rbryant(a)redhat.com,
rhbugs(a)n-dimensional.de, rjones(a)redhat.com,
sclewis(a)redhat.com, s(a)shk.io, tdecacqu(a)redhat.com
An issue was discovered in Erlang/OTP Erlang's generation of compiled regular
expressions is vulnerable to a heap overflow. Regular expressions using a
malformed extpattern can indirectly specify an offset that is used as an array
index. This ordinal permits arbitrary regions within the erts_alloc arena to be
both read and written to.
References:
https://github.com/erlang/otp/pull/1108
--
You are receiving this mail because:
You are on the CC list for the bug.
6 years, 9 months