https://bugzilla.redhat.com/show_bug.cgi?id=1317718
Bug ID: 1317718
Summary: slf4j-1.7.19 is available
Product: Fedora
Version: rawhide
Component: slf4j
Keywords: FutureFeature, Triaged
Assignee: mizdebsk(a)redhat.com
Reporter: upstream-release-monitoring(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: java-sig-commits(a)lists.fedoraproject.org,
mizdebsk(a)redhat.com, msimacek(a)redhat.com,
msrb(a)redhat.com
Latest upstream release: 1.7.19
Current version/release in rawhide: 1.7.18-1.fc25
URL: http://www.slf4j.org/download.html
Please consult the package updates policy before you issue an update to a
stable branch: https://fedoraproject.org/wiki/Updates_Policy
More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring
Please keep in mind that with any upstream change, there may also be packaging
changes that need to be made. Specifically, please remember that it is your
responsibility to review the new version to ensure that the licensing is still
correct and that no non-free or legally problematic items have been added
upstream.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1320613
Bug ID: 1320613
Summary: OSGi metadata wrong after RHBZ#1299774
Product: Fedora
Version: rawhide
Component: kxml
Keywords: Patch
Assignee: mizdebsk(a)redhat.com
Reporter: sgehwolf(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: java-sig-commits(a)lists.fedoraproject.org,
mizdebsk(a)redhat.com, msimacek(a)redhat.com,
msrb(a)redhat.com
Depends On: 1320608
Created attachment 1139649
--> https://bugzilla.redhat.com/attachment.cgi?id=1139649&action=edit
spec file patch fixing the issue. Also fixes BR zip and BSN to be more
reasonable.
Description of problem:
Bug 1299774 removed bundled classes from xpp3. However, kxml still exports xpp3
packages via its MANIFEST.
Version-Release number of selected component (if applicable):
kxml-2.3.0-9.fc24.noarch
How reproducible:
100%
Steps to Reproduce:
$ bnd print /usr/share/java/kxml.jar | grep org.xmlpull.v1
Actual results:
Export-Package
org.kxml2.io;version="2.3.0",org.kxml2.kdom;version="2.3.0",org.kxml2.wap;version="2.3.0",org.kxml2.syncml;version="2.3.0",org.kxml2.wml;version="2.3.0",org.kxml2.wv;version="2.3.0",org.xmlpull.v1;version="2.3.0"
org.xmlpull.v1
Expected results:
No output.
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1320608
[Bug 1320608] RFE: Please add OSGi metadata to xpp3
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1299435
Bug ID: 1299435
Summary: objectweb-asm3-5.0.4 is available
Product: Fedora
Version: rawhide
Component: objectweb-asm3
Keywords: FutureFeature, Triaged
Assignee: mizdebsk(a)redhat.com
Reporter: upstream-release-monitoring(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: caniszczyk(a)gmail.com, dwalluck(a)redhat.com,
fnasser(a)redhat.com,
java-sig-commits(a)lists.fedoraproject.org,
mgoldman(a)redhat.com, mizdebsk(a)redhat.com,
msimacek(a)redhat.com, msrb(a)redhat.com,
richardfearn(a)gmail.com
Latest upstream release: 5.0.4
Current version/release in rawhide: 3.3.1-12.fc23
URL: http://asm.ow2.org/
Please consult the package updates policy before you issue an update to a
stable branch: https://fedoraproject.org/wiki/Updates_Policy
More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring
Please keep in mind that with any upstream change, there may also be packaging
changes that need to be made. Specifically, please remember that it is your
responsibility to review the new version to ensure that the licensing is still
correct and that no non-free or legally problematic items have been added
upstream.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1321488
Bug ID: 1321488
Summary: joda-time-v2.9.3 is available
Product: Fedora
Version: rawhide
Component: joda-time
Keywords: FutureFeature, Triaged
Assignee: SpikeFedora(a)gmail.com
Reporter: upstream-release-monitoring(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: java-sig-commits(a)lists.fedoraproject.org,
mizdebsk(a)redhat.com, msimacek(a)redhat.com,
SpikeFedora(a)gmail.com
Latest upstream release: v2.9.3
Current version/release in rawhide: 2.9.2-1.fc24
URL: https://github.com/JodaOrg/joda-time
Please consult the package updates policy before you issue an update to a
stable branch: https://fedoraproject.org/wiki/Updates_Policy
More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring
Please keep in mind that with any upstream change, there may also be packaging
changes that need to be made. Specifically, please remember that it is your
responsibility to review the new version to ensure that the licensing is still
correct and that no non-free or legally problematic items have been added
upstream.
Based on the information from anitya:
https://release-monitoring.org/project/1466/
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1318476
Bug ID: 1318476
Summary: enable jetty8 deploy and servlets modules
Product: Fedora
Version: rawhide
Component: jetty8
Assignee: mizdebsk(a)redhat.com
Reporter: puntogil(a)libero.it
QA Contact: extras-qa(a)fedoraproject.org
CC: eclipse-sig(a)lists.fedoraproject.org,
java-sig-commits(a)lists.fedoraproject.org,
mizdebsk(a)redhat.com, msimacek(a)redhat.com,
msrb(a)redhat.com, pmackinn(a)redhat.com
Please, enable jetty-deploy and jetty-servlets modules
I try to import https://github.com/carrot2/carrot2 (it still use jetty
7.6.17.v20150415 ...)
Note: is available a newer release: jetty-8.1.19.v20160209
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1318467
Bug ID: 1318467
Summary: jna-4.2.2 is available
Product: Fedora
Version: rawhide
Component: jna
Keywords: FutureFeature, Triaged
Assignee: mizdebsk(a)redhat.com
Reporter: upstream-release-monitoring(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: dbhole(a)redhat.com,
java-sig-commits(a)lists.fedoraproject.org,
lfarkas(a)lfarkas.org, mizdebsk(a)redhat.com,
msimacek(a)redhat.com, msrb(a)redhat.com,
walters(a)redhat.com
Latest upstream release: 4.2.2
Current version/release in rawhide: 4.2.1-2.fc24
URL: https://github.com/java-native-access/jna/
Please consult the package updates policy before you issue an update to a
stable branch: https://fedoraproject.org/wiki/Updates_Policy
More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring
Please keep in mind that with any upstream change, there may also be packaging
changes that need to be made. Specifically, please remember that it is your
responsibility to review the new version to ensure that the licensing is still
correct and that no non-free or legally problematic items have been added
upstream.
Based on the information from anitya:
https://release-monitoring.org/project/1464/
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1322189
Bug ID: 1322189
Summary: slf4j-1.7.20 is available
Product: Fedora
Version: rawhide
Component: slf4j
Keywords: FutureFeature, Triaged
Assignee: mizdebsk(a)redhat.com
Reporter: upstream-release-monitoring(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: java-sig-commits(a)lists.fedoraproject.org,
mizdebsk(a)redhat.com, msimacek(a)redhat.com,
msrb(a)redhat.com
Latest upstream release: 1.7.20
Current version/release in rawhide: 1.7.19-1.fc25
URL: http://www.slf4j.org/download.html
Please consult the package updates policy before you issue an update to a
stable branch: https://fedoraproject.org/wiki/Updates_Policy
More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring
Please keep in mind that with any upstream change, there may also be packaging
changes that need to be made. Specifically, please remember that it is your
responsibility to review the new version to ensure that the licensing is still
correct and that no non-free or legally problematic items have been added
upstream.
Based on the information from anitya:
https://release-monitoring.org/project/4831/
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1319009
Bug ID: 1319009
Summary: nasm-2.12.01 is available
Product: Fedora
Version: rawhide
Component: nasm
Keywords: FutureFeature, Triaged
Assignee: mizdebsk(a)redhat.com
Reporter: upstream-release-monitoring(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: java-sig-commits(a)lists.fedoraproject.org,
mizdebsk(a)redhat.com, msimacek(a)redhat.com,
msrb(a)redhat.com
Latest upstream release: 2.12.01
Current version/release in rawhide: 2.12-2.fc25
URL: http://www.nasm.us/pub/nasm/releasebuilds/
Please consult the package updates policy before you issue an update to a
stable branch: https://fedoraproject.org/wiki/Updates_Policy
More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring
Please keep in mind that with any upstream change, there may also be packaging
changes that need to be made. Specifically, please remember that it is your
responsibility to review the new version to ensure that the licensing is still
correct and that no non-free or legally problematic items have been added
upstream.
Based on the information from anitya:
https://release-monitoring.org/project/2048/
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1316430
Bug ID: 1316430
Summary: Version 3.2.1 has a CVSS 10.0 vulnerability
Product: Fedora
Version: 23
Component: apache-commons-collections
Severity: high
Assignee: msimacek(a)redhat.com
Reporter: dchen(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: jaromir.capik(a)email.cz,
java-sig-commits(a)lists.fedoraproject.org,
mizdebsk(a)redhat.com, msimacek(a)redhat.com,
msrb(a)redhat.com
Description of problem:
Forward from Jennifer Winer:
Version 3.2.1 has a CVSS 10.0 vulnerability. That's the worst kind of
vulnerability that exists. By merely existing on the classpath, this
library causes the Java serialization parser for the entire JVM process
to go from being a state machine to a turing machine. A turing machine
with an exec() function!
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8103https://commons.apache.org/proper/commons-collections/security-reports.htmlhttp://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jen…
Version-Release number of selected component (if applicable):
Fedora 24 is already upgrade to 3.2.2, but not Fedora 23 and 22
Actual results:
Fedora 23 and Fedora 22 are still with apache-commons-collections-3.2.1
Expected results:
Fedora 23 should be updated to apache-commons-collections-3.2.2
If you see fit, please also update Fedora 22 as well.
Additional info:
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=652183
gil cattaneo <puntogil(a)libero.it> changed:
What |Removed |Added
----------------------------------------------------------------------------
Depends On| |1318873
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1318873
[Bug 1318873] Review Request: neurord - Stochastic reaction-diffusion
simulator
--
You are receiving this mail because:
You are the QA Contact for the bug.
You are the assignee for the bug.