https://bugzilla.redhat.com/show_bug.cgi?id=1399667
Bug ID: 1399667
Summary: CVE-2016-9428 w3m: Out-of-bounds write in addMultirowsForm()
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: anemec(a)redhat.com
CC: eng-i18n-bugs(a)redhat.com,
i18n-bugs(a)lists.fedoraproject.org, pnemade(a)redhat.com
An out of bounds heap write will occur while parsing maliciously crafted input,
crashing the application or having other unspecified impact.
Upstream bug:
https://github.com/tats/w3m/issues/26
Upstream fix:
https://github.com/tats/w3m/commit/4e464819dd360ffd3d58fa2a89216fe413cfcc74
References:
http://seclists.org/oss-sec/2016/q4/321
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1399666
Bug ID: 1399666
Summary: CVE-2016-9425 w3m: Segmentation fault due to write to lineBuf[-1] in addMultirowsForm
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: anemec(a)redhat.com
CC: eng-i18n-bugs(a)redhat.com,
i18n-bugs(a)lists.fedoraproject.org, pnemade(a)redhat.com
An out of bounds heap write will occur while parsing maliciously crafted input,
crashing the application or having other unspecified impact.
Upstream bug:
https://github.com/tats/w3m/issues/21
Upstream fix:
https://github.com/tats/w3m/commit/4e464819dd360ffd3d58fa2a89216fe413cfcc74
References:
http://seclists.org/oss-sec/2016/q4/321
https://bugzilla.redhat.com/show_bug.cgi?id=1399665
Bug ID: 1399665
Summary: CVE-2016-9424 w3m: Out-of-bounds heap write due to negative array index
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: anemec(a)redhat.com
CC: eng-i18n-bugs(a)redhat.com,
i18n-bugs(a)lists.fedoraproject.org, pnemade(a)redhat.com
An out of bounds heap write will occur while parsing maliciously crafted input,
crashing the application or having other unspecified impact.
Upstream bug:
https://github.com/tats/w3m/issues/12
Upstream fix:
https://github.com/tats/w3m/commit/a25fd09f74fb83499396935a96d63bb7cb8e2c58
References:
http://seclists.org/oss-sec/2016/q4/321
https://bugzilla.redhat.com/show_bug.cgi?id=1349567
Bug ID: 1349567
Summary: avoid using special purpose fonts such as apx-fonts
Product: Fedora
Version: 23
Component: fontconfig
Assignee: tagoh(a)redhat.com
Reporter: htl10(a)users.sourceforge.net
QA Contact: extras-qa(a)fedoraproject.org
CC: fonts-bugs(a)lists.fedoraproject.org,
i18n-bugs(a)lists.fedoraproject.org, pnemade(a)redhat.com,
tagoh(a)redhat.com
Description of problem:
I started noticing many web pages on firefox, icecat, etc using a rather
undesirable choice of fonts a while ago, and finally tracked it down with
gnome-font-viewer to see which font is that. It is apx-fonts .
/usr/share/fonts/apx/04b03.ttf .
The problem is that its name starts with "04b03", and therefore comes first in
a fair number of font matches (don't know the exact criteria, but often
enough)...
Version-Release number of selected component (if applicable):
apx-fonts-0.1-3.fc23.noarch
fontconfig-2.11.94-4.fc23.x86_64
fontconfig-2.11.94-4.fc23.i686
How reproducible:
Always, since installing it (I installed a whole lot of fonts a while ago,
basically just did "dnf install -y *fonts").
Steps to Reproduce:
1. installing apx-fonts
2. go to some web sites
3.
Actual results:
undesirable font choice.
Expected results:
pick something more suitable.
Additional info:
I know I can configure it myself in ~/.config/fontconfig, but fedora should
help in avoiding these in the first place; since "dnf install -y *fonts" is
probably common enough action.
https://bugzilla.redhat.com/show_bug.cgi?id=1374888
Bug ID: 1374888
Summary: Unable to change IM Settings as expected / QT_IM_MODULE always set to ibus
Product: Fedora
Version: 24
Component: imsettings
Severity: high
Assignee: tagoh(a)redhat.com
Reporter: msilveira(a)linuxbr.com
QA Contact: extras-qa(a)fedoraproject.org
CC: i18n-bugs(a)lists.fedoraproject.org, tagoh(a)redhat.com
Description of problem:
No matter what I try, I just can't get GTK_IM_MODULE and QT_IM_MODULE set
correctly.
It seems like /etc/X11/xinit/xinitrc.d/50-xinput.sh always results in empty
GTK_IM_MODULE and QT_IM_MODULE set to ibus.
I'm trying to get cedilla to work as ' + c/C to output ç and Ç ( as it's always
been since old DOS times ) instead of ć and Ć
The first step was to edit /usr/share/X11/locale/en_US.UTF-8/Compose and sed ć
and Ć into ç and Ç ( not sure if this is really necessary )
If I open a Terminal and manually set GTK_IM_MODULE=cedilla and
QT_IM_MODULE=xim , both GTK and QT programs work as I expect.
Version-Release number of selected component (if applicable):
imsettings-1.7.1-1.fc24.x86_64
How reproducible: Always
Steps to Reproduce:
1. Choose any input method other than ibus ( via im-chooser ), logout, login.
2. Open Terminal and check if GTK_IM_MODULE and QT_IM_MODULE are set as
expected
3.
Actual results:
GTK_IM_MODULE is not set and QT_IM_MODULE is always set to ibus
Expected results:
GTK_IM_MODULE and QT_IM_MODULE set as expected by the xinput files
Additional info:
I've managed to temporarily get GTK_IM_MODULES set by adding a file named
/etc/X11/xinit/xinitrc.d/99-force-im.sh with the lines:
#!/bin/bash
export GTK_IM_MODULE=cedilla
export QT_IM_MODULE=xim
That's the only way I can get GTK programs to work with c cedil. But
QT_IM_MODULE still gets overridden at logon.
https://bugzilla.redhat.com/show_bug.cgi?id=1369514
Bug ID: 1369514
Summary: When ibus-table is active the “enter command” dialog of Gnome cannot be closed with ESC
Product: Fedora
Version: 25
Component: ibus-table
Assignee: mfabian(a)redhat.com
Reporter: mfabian(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: dchen(a)redhat.com, i18n-bugs(a)lists.fedoraproject.org,
kent.neo(a)gmail.com, me(a)kaio.net, mfabian(a)redhat.com,
pwu(a)redhat.com, shawn.p.huang(a)gmail.com
See also https://bugzilla.redhat.com/show_bug.cgi?id=1365497
for the same bug for ibus-typing-booster.
When ibus-table is active and the “enter command” dialog
is opened (default key binding Alt+F2), it cannot be closed with ESC again.
For other input methods like ibus-kkc, this works.
https://bugzilla.redhat.com/show_bug.cgi?id=1136245
Bug ID: 1136245
Summary: libunistring-0.9.4 is available
Product: Fedora
Version: rawhide
Component: libunistring
Keywords: FutureFeature, Triaged
Assignee: p(a)draigbrady.com
Reporter: upstream-release-monitoring(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: i18n-bugs(a)lists.fedoraproject.org, jim(a)meyering.net,
p(a)draigbrady.com
Latest upstream release: 0.9.4
Current version/release in Fedora Rawhide: 0.9.3-11.fc22
URL: http://ftp.gnu.org/gnu/libunistring/
Please consult the package updates policy before you issue an update to a
stable branch: https://fedoraproject.org/wiki/Updates_Policy
More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring
Soon this service will be implemented by a new system:
https://github.com/fedora-infra/anitya/
It will require to manage monitored projects via a new web interface. Please
make yourself familiar with the new system to ease the transition.
https://bugzilla.redhat.com/show_bug.cgi?id=1161284
Bug ID: 1161284
Summary: git dependency
Product: Fedora
Version: rawhide
Component: gettext
Severity: low
Assignee: dueno(a)redhat.com
Reporter: tessarek(a)evermeet.cx
QA Contact: extras-qa(a)fedoraproject.org
CC: dueno(a)redhat.com, i18n-bugs(a)lists.fedoraproject.org,
petersen(a)redhat.com, praiskup(a)redhat.com
Description of problem:
gettext-devel depends on git
Additional info:
Mail correspondence with Daiki Ueno:
> Can you please remove the git dependency for gettext-devel?
>
> This is supposed to be a development package (mainly include files).
> Since git on Fedora is very old and not updated regularly, I tried to
> remove git (to compile my own git) and to my surprise I saw that
> gettext-devel depends on git.
>
> AFAIK this is the only *-devel package which depends on git.
Actually, it _was_ needed for autopoint (a developer script, like
autoconf or automake), when we used git as a compression method of
/usr/share/gettext/archive.dir.*. Now that the default changed to
tar.xz, git shouldn't be necessary anymore.
> I truly believe this is a bug. Can you please fix this?
Could you please file a bug on bugzilla.redhat.com, so we don't forget
to fix it on the next update?