https://bugzilla.redhat.com/show_bug.cgi?id=1448339
Bug ID: 1448339
Summary: CVE-2017-4965 CVE-2017-4966 CVE-2017-4967
rabbitmq-server: various flaws [fedora-24]
Product: Fedora
Version: 24
Component: rabbitmq-server
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Assignee: lemenkov(a)gmail.com
Reporter: anemec(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: erlang(a)lists.fedoraproject.org,
hubert.plociniczak(a)gmail.com, jeckersb(a)redhat.com,
lemenkov(a)gmail.com, rjones(a)redhat.com, s(a)shk.io
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-24.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1295663
Bug ID: 1295663
Summary: dialyzer --build_plt crashes
Product: Fedora
Version: rawhide
Component: erlang
Severity: high
Assignee: lemenkov(a)gmail.com
Reporter: rbarlow(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: erlang(a)lists.fedoraproject.org, jeckersb(a)redhat.com,
lemenkov(a)gmail.com, rhbugs(a)n-dimensional.de, s(a)shk.io
Created attachment 1111752
--> https://bugzilla.redhat.com/attachment.cgi?id=1111752&action=edit
erl_crash.dump
Description of problem:
When I try to build a PLT, dialyzer crashes.
Version-Release number of selected component (if applicable):
$ rpm -q erlang-dialyzer
erlang-dialyzer-17.4-5.fc24.x86_64
How reproducible:
Every time
Steps to Reproduce:
1. $ dialyzer --build_plt --apps erts kernel stdlib
Actual results:
$ dialyzer --build_plt --apps erts kernel stdlib
Compiling some key modules to native code...{"init terminating in
do_boot",{{badmatch,{error,{'EXIT',{badarg,[{hipe_bifs,patch_call,[1095479243,94032498909904,[]],[]},{hipe_unified_loader,patch_call_insn,3,[{file,"hipe_unified_loader.erl"},{line,507}]},{hipe_unified_loader,patch_bif_call_list,4,[{file,"hipe_unified_loader.erl"},{line,492}]},{hipe_unified_loader,patch_call,5,[{file,"hipe_unified_loader.erl"},{line,483}]},{hipe_unified_loader,patch,5,[{file,"hipe_unified_loader.erl"},{line,458}]},{hipe_unified_loader,load_common,4,[{file,"hipe_unified_loader.erl"},{line,235}]},{hipe_unified_loader,load_module,3,[{file,"hipe_unified_loader.erl"},{line,156}]},{code_server,handle_call,3,[{file,"code_server.erl"},{line,332}]}]}}}},[{hipe,finalize,5,[{file,"hipe.erl"},{line,751}]},{hipe,compile_finish,3,[{file,"hipe.erl"},{line,708}]},{hipe,'-run_compiler_1/3-fun-0-',4,[{file,"hipe.erl"},{line,669}]}]}}
Crash dump was written to: erl_crash.dump
init terminating in do_boot ()
Expected results:
Successful build.
Additional info:
I've attached the erl_crash.dump file.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1324922
Bug ID: 1324922
Summary: Log handler repeatedly crashes
Product: Fedora EPEL
Version: epel7
Component: erlang
Keywords: Regression, ZStream
Severity: urgent
Priority: urgent
Assignee: jeckersb(a)redhat.com
Reporter: jeckersb(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: apevec(a)redhat.com, binarin(a)binarin.ru,
erlang(a)lists.fedoraproject.org, fdinitto(a)redhat.com,
jeckersb(a)redhat.com, jschluet(a)redhat.com,
lhh(a)redhat.com, oblaut(a)redhat.com, rjones(a)redhat.com,
s(a)shk.io, ushkalim(a)redhat.com
Depends On: 1322609
Blocks: 1324185
+++ This bug was initially created as a clone of Bug #1322609 +++
Starting with erlang-erts-R16B-03.10min.6.el7ost.x86_64, the log handler
repeatedly crashes and fills up the rabbitmq startup_log with entries like:
Event crashed log handler:
{info_msg,<0.1719.0>,
{<0.1832.0>,"Mirrored ~s: Adding mirror on node ~p: ~p~n",
["queue 'l3_agent_fanout_0f6bc20f4c54484f9de482cd6d83a15a' in vhost
'/'",
'rabbit@overcloud-controller-1',<6192.10668.1>]}}
function_clause
Meanwhile the rabbitmq log is empty.
Looks like a regression introduced in the "Enable error_logger depth fine
tuning" patch.
--- Additional comment from Alexey Lebedeff on 2016-04-07 09:17:10 EDT ---
R16B-03.16.el7 is also affected.
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1322609
[Bug 1322609] Log handler repeatedly crashes
https://bugzilla.redhat.com/show_bug.cgi?id=1324185
[Bug 1324185] Log handler repeatedly crashes
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1377306
Bug ID: 1377306
Summary: couchdb-2.0.0 is available
Product: Fedora
Version: rawhide
Component: couchdb
Keywords: FutureFeature, Triaged
Assignee: lemenkov(a)gmail.com
Reporter: upstream-release-monitoring(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: erlang(a)lists.fedoraproject.org, lemenkov(a)gmail.com,
wtogami(a)gmail.com
Latest upstream release: 2.0.0
Current version/release in rawhide: 1.6.1-18.fc26
URL: http://www.apache.org/dist/couchdb/source/
Please consult the package updates policy before you issue an update to a
stable branch: https://fedoraproject.org/wiki/Updates_Policy
More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring
Please keep in mind that with any upstream change, there may also be packaging
changes that need to be made. Specifically, please remember that it is your
responsibility to review the new version to ensure that the licensing is still
correct and that no non-free or legally problematic items have been added
upstream.
Based on the information from anitya:
https://release-monitoring.org/project/347/
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1426600
Bug ID: 1426600
Summary: /etc/logrotate.d/rabbitmq-server leads to "Password:
su: Authentication failure"
Product: Fedora EPEL
Version: epel7
Component: rabbitmq-server
Severity: medium
Assignee: lemenkov(a)gmail.com
Reporter: redhat-bugzilla(a)linuxnetz.de
QA Contact: extras-qa(a)fedoraproject.org
CC: erlang(a)lists.fedoraproject.org,
hubert.plociniczak(a)gmail.com, jeckersb(a)redhat.com,
josh(a)fornwall.com, lemenkov(a)gmail.com,
rjones(a)redhat.com, robert.scheck(a)etes.de, s(a)shk.io
Description of problem:
/etc/logrotate.d/rabbitmq-server leads to the following logrotate failures:
--- snipp ---
Date: Fri, 24 Feb 2017 03:37:11 +0100 (CET)
From: Anacron <root(a)tux.example.net>
To: root(a)tux.example.net
Subject: Anacron job 'cron.daily' on tux.example.net
Message-Id: <20170224023711.2735E406C4(a)tux.example.net>
/etc/cron.daily/logrotate:
Password: su: Authentication failure
error: error running shared postrotate script for '/var/log/rabbitmq/*.log '
--- snapp ---
Version-Release number of selected component (if applicable):
rabbitmq-server-3.3.5-31.el7.noarch
How reproducible:
Everytime, just install rabbitmq-server on RHEL 7.3 with SELinux enforced.
Actual results:
/etc/logrotate.d/rabbitmq-server leads failure messages.
Expected results:
Working logrotate via /etc/logrotate.d/rabbitmq-server simply.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1163812
Bug ID: 1163812
Summary: Cannot control ejabberd with ejabberdctl
Product: Fedora
Version: 21
Component: ejabberd
Assignee: lemenkov(a)gmail.com
Reporter: juan.orti(a)miceliux.com
QA Contact: extras-qa(a)fedoraproject.org
CC: erlang(a)lists.fedoraproject.org, jkaluza(a)redhat.com,
lemenkov(a)gmail.com, martin(a)laptop.org
Description of problem:
After a clean install of ejabberd in Fedora 21, I cannot use the ejabberdctl
utility to register users, etc.
I run:
# ejabberdctl register admin localhost password
Failed RPC connection to the node ejabberd@localhost: nodedown
Commands to start an ejabberd node:
start Start an ejabberd node in server mode
debug Attach an interactive Erlang shell to a running ejabberd node
live Start an ejabberd node in live (interactive) mode
Optional parameters when starting an ejabberd node:
--config-dir dir Config ejabberd: /etc/ejabberd
--config file Config ejabberd: /etc/ejabberd/ejabberd.yml
--ctl-config file Config ejabberdctl: /etc/ejabberd/ejabberdctl.cfg
--logs dir Directory for logs: /var/log/ejabberd
--spool dir Database spool dir: /var/lib/ejabberd
--node nodename ejabberd node name: ejabberd@localhost
And I see this in the log /var/log/ejabberd/ejabberd.log:
2014-11-13 14:57:30.188 [info] <0.7.0> Application lager started on node
ejabberd@localhost
2014-11-13 14:57:30.257 [info] <0.7.0> Application sasl started on node
ejabberd@localhost
2014-11-13 14:57:30.286 [info] <0.7.0> Application crypto started on node
ejabberd@localhost
2014-11-13 14:57:30.354 [info] <0.7.0> Application asn1 started on node
ejabberd@localhost
2014-11-13 14:57:30.354 [info] <0.7.0> Application public_key started on node
ejabberd@localhost
2014-11-13 14:57:30.421 [info] <0.7.0> Application ssl started on node
ejabberd@localhost
2014-11-13 14:57:30.450 [info] <0.7.0> Application p1_yaml started on node
ejabberd@localhost
2014-11-13 14:57:30.482 [info] <0.7.0> Application p1_tls started on node
ejabberd@localhost
2014-11-13 14:57:30.492 [info] <0.7.0> Application p1_xml started on node
ejabberd@localhost
2014-11-13 14:57:30.498 [info] <0.7.0> Application p1_stringprep started on
node ejabberd@localhost
2014-11-13 14:57:30.508 [info] <0.7.0> Application p1_zlib started on node
ejabberd@localhost
2014-11-13 14:57:30.515 [info] <0.7.0> Application p1_cache_tab started on node
ejabberd@localhost
2014-11-13 14:57:31.015 [info] <0.7.0> Application mnesia started on node
ejabberd@localhost
2014-11-13 14:57:33.259 [info] <0.37.0>@cyrsasl_digest:start:57 FQDN used to
check DIGEST-MD5 SASL authentication: charm.miceliux.com
2014-11-13 14:57:33.423 [info] <0.7.0> Application p1_iconv started on node
ejabberd@localhost
2014-11-13 14:57:42.556 [info] <0.564.0>@ejabberd_listener:listen_tcp:194
Reusing listening port for 5222
2014-11-13 14:57:42.556 [info] <0.565.0>@ejabberd_listener:listen_tcp:194
Reusing listening port for 5269
2014-11-13 14:57:42.557 [info] <0.566.0>@ejabberd_listener:listen_tcp:194
Reusing listening port for 5280
2014-11-13 14:57:42.557 [info] <0.37.0>@ejabberd_app:start:69 ejabberd
community is started in the node ejabberd@localhost
2014-11-13 14:57:42.557 [info] <0.7.0> Application ejabberd started on node
ejabberd@localhost
2014-11-13 14:59:18.926 [error] <0.567.0> ** Connection attempt from disallowed
node 'ejabberdctl-1@charm' **
Version-Release number of selected component (if applicable):
ejabberd-14.07-3.fc21.x86_64
How reproducible:
Always
Steps to Reproduce:
1. yum install ejabberd
2. systemctl start ejabberd
3. ejabberdctl register admin localhost password
Actual results:
Cannot register a user.
Expected results:
Register a user.
Additional info:
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1427123
Bug ID: 1427123
Summary: ejabberd-17.03-beta is available
Product: Fedora
Version: rawhide
Component: ejabberd
Keywords: FutureFeature, Triaged
Assignee: lemenkov(a)gmail.com
Reporter: upstream-release-monitoring(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: erlang(a)lists.fedoraproject.org, jeremy(a)jcline.org,
lemenkov(a)gmail.com, martin(a)laptop.org,
randy(a)electronsweatshop.com
Latest upstream release: 17.03-beta
Current version/release in rawhide: 17.01-2.fc26
URL: https://github.com/processone/ejabberd
Please consult the package updates policy before you issue an update to a
stable branch: https://fedoraproject.org/wiki/Updates_Policy
More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring
Please keep in mind that with any upstream change, there may also be packaging
changes that need to be made. Specifically, please remember that it is your
responsibility to review the new version to ensure that the licensing is still
correct and that no non-free or legally problematic items have been added
upstream.
Based on the information from anitya:
https://release-monitoring.org/project/667/
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1451526
Bug ID: 1451526
Summary: elixir-1.4.4 is available
Product: Fedora
Version: rawhide
Component: elixir
Keywords: FutureFeature, Triaged
Assignee: relrod(a)redhat.com
Reporter: upstream-release-monitoring(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: erlang(a)lists.fedoraproject.org,
jochen(a)herr-schmitt.de, lemenkov(a)gmail.com,
martin(a)laptop.org, puiterwijk(a)redhat.com,
relrod(a)redhat.com
Latest upstream release: 1.4.4
Current version/release in rawhide: 1.4.2-1.fc27
URL: https://github.com/elixir-lang/elixir
Please consult the package updates policy before you issue an update to a
stable branch: https://fedoraproject.org/wiki/Updates_Policy
More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring
Please keep in mind that with any upstream change, there may also be packaging
changes that need to be made. Specifically, please remember that it is your
responsibility to review the new version to ensure that the licensing is still
correct and that no non-free or legally problematic items have been added
upstream.
Based on the information from anitya:
https://release-monitoring.org/project/673/
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1373887
Bug ID: 1373887
Summary: Add systemd template services
Product: Fedora
Version: rawhide
Component: rabbitmq-server
Assignee: lemenkov(a)gmail.com
Reporter: karlthered(a)gmail.com
QA Contact: extras-qa(a)fedoraproject.org
CC: erlang(a)lists.fedoraproject.org,
hubert.plociniczak(a)gmail.com, jeckersb(a)redhat.com,
lemenkov(a)gmail.com, rjones(a)redhat.com, s(a)shk.io
Created attachment 1198657
--> https://bugzilla.redhat.com/attachment.cgi?id=1198657&action=edit
Patch to spec file (needs more testing)
Description of problem:
Some OpenStack services require separate instances of RabbitMQ and shipping a
systemd template services would simplify that
Version-Release number of selected component (if applicable):
current
How reproducible:
N/A
Actual results:
Needs to write custom service file to run separate instances
Expected results:
Packages needing separate instance should just drop in their config files and
systemctl start rabbitmq@FOO to run separate instance of rabbitmq-server
Additional info:
About systemd template unit files:
https://fedoramagazine.org/systemd-template-unit-files/
--
You are receiving this mail because:
You are on the CC list for the bug.