January 2016 - golang - Fedora Mailing-Lists

[Bug 1243892] New: Tracker for golang-github-mitchellh-mapstructure

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1243892 Bug ID: 1243892 Summary: Tracker for golang-github-mitchellh-mapstructure Product: Fedora Version: rawhide Component: golang-github-mitchellh-mapstructure Severity: low Priority: low Assignee: jchaloup(a)redhat.com Reporter: jchaloup(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: golang(a)lists.fedoraproject.org, jchaloup(a)redhat.com, lsm5(a)redhat.com, vbatts(a)redhat.com Tracker for async updates of golang-github-mitchellh-mapstructure for rawhide and other fedora distribution. As golang devel packages are used only as a build-time dependency at the moment, this tracker keeps updates and other information about this package, e.g. broken dependencies, exceptions, important pieces of information and other issues. -- You are receiving this mail because: You are on the CC list for the bug.

8 years, 3 months

1
23
0 / 0

[Bug 1250502] New: Tracker for golang-github-ryanuber-columnize

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1250502 Bug ID: 1250502 Summary: Tracker for golang-github-ryanuber-columnize Product: Fedora Version: rawhide Component: golang-github-ryanuber-columnize Assignee: fpokorny(a)redhat.com Reporter: fpokorny(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: fpokorny(a)redhat.com, golang(a)lists.fedoraproject.org, jchaloup(a)redhat.com Tracker for async updates of golang-github-ryanuber-columnize for rawhide and other fedora distribution. As golang devel packages are used only as a build-time dependency at the moment, this tracker keeps updates and other information about this package, e.g. broken dependencies, exceptions, important pieces of information and other issues. -- You are receiving this mail because: You are on the CC list for the bug.

8 years, 3 months

1
6
0 / 0

Broken dependencies: golang-github-prometheus-prometheus

by Fedora Koji Build System

golang-github-prometheus-prometheus has broken dependencies in the rawhide tree: On x86_64: golang-github-prometheus-prometheus-devel-0.15.0-1.fc24.noarch requires golang(gopkg.in/fsnotify.v1) On i386: golang-github-prometheus-prometheus-devel-0.15.0-1.fc24.noarch requires golang(gopkg.in/fsnotify.v1) On armhfp: golang-github-prometheus-prometheus-devel-0.15.0-1.fc24.noarch requires golang(gopkg.in/fsnotify.v1) Please resolve this as soon as possible.

8 years, 3 months

1
0
0 / 0

Broken dependencies: golang-github-kraman-libcontainer

by Fedora Koji Build System

golang-github-kraman-libcontainer has broken dependencies in the rawhide tree: On x86_64: golang-github-kraman-libcontainer-devel-0-0.4.gitd700e5b.fc24.noarch requires golang(github.com/docker/docker/pkg/netlink) On i386: golang-github-kraman-libcontainer-devel-0-0.4.gitd700e5b.fc24.noarch requires golang(github.com/docker/docker/pkg/netlink) On armhfp: golang-github-kraman-libcontainer-devel-0-0.4.gitd700e5b.fc24.noarch requires golang(github.com/docker/docker/pkg/netlink) Please resolve this as soon as possible.

8 years, 3 months

1
0
0 / 0

[Bug 1298791] New: Go isn't installed into recommended upstream location

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1298791 Bug ID: 1298791 Summary: Go isn't installed into recommended upstream location Product: Fedora Version: 23 Component: golang Assignee: vbatts(a)redhat.com Reporter: martincigorraga(a)gmail.com QA Contact: extras-qa(a)fedoraproject.org CC: admiller(a)redhat.com, amurdaca(a)redhat.com, golang(a)lists.fedoraproject.org, jcajka(a)redhat.com, lemenkov(a)gmail.com, renich(a)woralelandia.com, s(a)shk.io, vbatts(a)redhat.com Hi, Description of problem: Go's download page states: "The Go binary distributions assume they will be installed in /usr/local/go [...]" Currently the golang package installs Go into /usr/bin/. Version-Release number of selected component (if applicable): Name : golang Arch : x86_64 Epoch : 0 Version : 1.5.2 Release : 2.fc23 Additional info: Being Fedora a distribution that strives to be as close as possible to upstream I'm curious about the reason on why Go is installed on a different location from the one upstream expects to be installed. Cheers. -- You are receiving this mail because: You are on the CC list for the bug.

8 years, 3 months

1
3
0 / 0

Fwd: [security] Go 1.5.3 is released

by Jakub Cajka

Golang-1.5.3 build have been submitted to bodhi and to build-root override. https://bodhi.fedoraproject.org/updates/FEDORA-2016-2dcc094217 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5a073cbd93 Please test and provide karma, also please consider rebuilding your packages, if they use TLS/RSA, to pick up the fix. Fedora tracking bug https://bugzilla.redhat.com/show_bug.cgi?id=1293451. Upstream notice follows. ----- Forwarded Message ----- From: "Chris Broadfoot" <cbro(a)golang.org> To: "golang-dev" <golang-dev(a)googlegroups.com>, golang-nuts(a)googlegroups.com, golang-announce(a)googlegroups.com, oss-security(a)openwall.com Sent: Wednesday, January 13, 2016 10:04:42 PM Subject: [security] Go 1.5.3 is released [posting on behalf of Jason Buberel] A security-related issue has been reported in Go's math/big package. The issue was introduced in Go 1.5. We recommend that all users upgrade to Go 1.5.3, which fixes the issue. Go programs must be recompiled with Go 1.5.3 in order to receive the fix. The Go team would like to thank Nick Craig-Wood for identifying the issue. This issue can affect RSA computations in crypto/rsa, which is used by crypto/tls. TLS servers on 32-bit systems could plausibly leak their RSA private key due to this issue. Other protocol implementations that create many RSA signatures could also be impacted in the same way. Specifically, incorrect results in one part of the RSA Chinese Remainder computation can cause the result to be incorrect in such a way that it leaks one of the primes. While RSA blinding should prevent an attacker from crafting specific inputs that trigger the bug, on 32-bit systems the bug can be expected to occur at random around one in 2^26 times. Thus collecting around 64 million signatures (of known data) from an affected server should be enough to extract the private key used. On 64-bit systems, the frequency of the bug is so low (less than one in 2^50) that it would be very difficult to exploit. Nonetheless, everyone is strongly encouraged to upgrade. Go 1.6 will include include a change to double-check the RSA computation, which is a generic countermeasure to this class of bug. The CVE issue descriptions and fixes are linked below. Downloads are available at http://golang.org/dl for all supported platforms. CVE-2015-8618 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8618 CLs fixing the issue: https://go-review.googlesource.com/#/c/17672/ https://go-review.googlesource.com/#/c/18491/ -- You received this message because you are subscribed to the Google Groups "golang-announce" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-announce+unsubscribe(a)googlegroups.com. For more options, visit https://groups.google.com/d/optout.

8 years, 3 months

1
0
0 / 0

[Bug 1298128] New: openshift-origin: kubernetes: Building configuration to a strategy not allowed by policy

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1298128 Bug ID: 1298128 Summary: openshift-origin: kubernetes: Building configuration to a strategy not allowed by policy Product: Security Response Component: vulnerability Keywords: Security Severity: medium Priority: medium Assignee: security-response-team(a)redhat.com Reporter: amaris(a)redhat.com CC: abhgupta(a)redhat.com, dmcphers(a)redhat.com, eparis(a)redhat.com, golang(a)lists.fedoraproject.org, jcajka(a)redhat.com, jchaloup(a)redhat.com, jialiu(a)redhat.com, jokerman(a)redhat.com, kseifried(a)redhat.com, lmeyer(a)redhat.com, mmccomas(a)redhat.com, nhorman(a)redhat.com, tiwillia(a)redhat.com, vbatts(a)redhat.com It was found that it is allowed to modify a build to use a restricted strategy so that it escalates privileges when built. Upstream Bug: https://github.com/openshift/origin/issues/6556 Upstream patch: https://github.com/openshift/origin/pull/6576 CVE request: http://seclists.org/oss-sec/2016/q1/79 -- You are receiving this mail because: You are on the CC list for the bug.

8 years, 3 months

1
6
0 / 0

[Bug 1298129] New: openshift-origin: kubernetes: Building configuration to a strategy not allowed by policy [fedora-all]

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1298129 Bug ID: 1298129 Summary: openshift-origin: kubernetes: Building configuration to a strategy not allowed by policy [fedora-all] Product: Fedora Version: 23 Component: kubernetes Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: jchaloup(a)redhat.com Reporter: amaris(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: eparis(a)redhat.com, golang(a)lists.fedoraproject.org, jcajka(a)redhat.com, jchaloup(a)redhat.com, nhorman(a)redhat.com, vbatts(a)redhat.com Blocks: 1298128 This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of Fedora. For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When submitting as an update, use the fedpkg template provided in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs. Please also mention the CVE IDs being fixed in the RPM changelog and the fedpkg commit message. NOTE: this issue affects multiple supported versions of Fedora. While only one tracking bug has been filed, please correct all affected versions at the same time. If you need to fix the versions independent of each other, you may clone this bug as appropriate. [bug automatically created by: add-tracking-bugs] Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1298128 [Bug 1298128] openshift-origin: kubernetes: Building configuration to a strategy not allowed by policy -- You are receiving this mail because: You are on the CC list for the bug.

8 years, 3 months

1
3
0 / 0

Broken dependencies: golang-github-kraman-libcontainer

by Fedora Koji Build System

golang-github-kraman-libcontainer has broken dependencies in the rawhide tree: On x86_64: golang-github-kraman-libcontainer-devel-0-0.4.gitd700e5b.fc24.noarch requires golang(github.com/docker/docker/pkg/netlink) On i386: golang-github-kraman-libcontainer-devel-0-0.4.gitd700e5b.fc24.noarch requires golang(github.com/docker/docker/pkg/netlink) On armhfp: golang-github-kraman-libcontainer-devel-0-0.4.gitd700e5b.fc24.noarch requires golang(github.com/docker/docker/pkg/netlink) Please resolve this as soon as possible.

8 years, 3 months

1
0
0 / 0

Broken dependencies: golang-github-prometheus-prometheus

by Fedora Koji Build System

golang-github-prometheus-prometheus has broken dependencies in the rawhide tree: On x86_64: golang-github-prometheus-prometheus-devel-0.15.0-1.fc24.noarch requires golang(gopkg.in/fsnotify.v1) On i386: golang-github-prometheus-prometheus-devel-0.15.0-1.fc24.noarch requires golang(gopkg.in/fsnotify.v1) On armhfp: golang-github-prometheus-prometheus-devel-0.15.0-1.fc24.noarch requires golang(gopkg.in/fsnotify.v1) Please resolve this as soon as possible.

8 years, 3 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

golang January 2016