java-sig-commits September 2017

java-sig-commits@lists.fedoraproject.org

1 participants
290 discussions

[Bug 1375941] CVE-2016-5725 jsch: path traversal vulnerability
by bugzilla＠redhat.com 13 Sep '17

13 Sep '17

1 0

[Bug 1375941] CVE-2016-5725 jsch: path traversal vulnerability
by bugzilla＠redhat.com 12 Sep '17

12 Sep '17

https://bugzilla.redhat.com/show_bug.cgi?id=1375941 Hooman Broujerdi <hghasemb(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |sparks(a)redhat.com --- Doc Text *updated* --- A vulnerability was discovered in JSch that allows a malicious sftp server to force a client-side relative path traversal in jsch's implementation for recursive sftp-get, to allow the server to write files outside the clients download basedir with effective permissions of the jsch sftp client process. --- Comment #3 from Hooman Broujerdi <hghasemb(a)redhat.com> --- Hi Eric, Could you please doc review this? thanks -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1475048] New: aqute-bnd-3.4.0 is available
by bugzilla＠redhat.com 12 Sep '17

12 Sep '17

https://bugzilla.redhat.com/show_bug.cgi?id=1475048 Bug ID: 1475048 Summary: aqute-bnd-3.4.0 is available Product: Fedora Version: rawhide Component: aqute-bnd Keywords: FutureFeature, Triaged Assignee: msimacek(a)redhat.com Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: jaromir.capik(a)email.cz, java-sig-commits(a)lists.fedoraproject.org, mizdebsk(a)redhat.com, msimacek(a)redhat.com Latest upstream release: 3.4.0 Current version/release in rawhide: 3.3.0-6.fc26 URL: http://bnd.bndtools.org/ Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from anitya: https://release-monitoring.org/project/98/ -- You are receiving this mail because: You are on the CC list for the bug.

1 1

[Bug 652183] Java SIG tracker bug
by bugzilla＠redhat.com 12 Sep '17

12 Sep '17

https://bugzilla.redhat.com/show_bug.cgi?id=652183 Mikolaj Izdebski <mizdebsk(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Depends On|1490338 | Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1490338 [Bug 1490338] Review Request: plexus-languages - Plexus Languages -- You are receiving this mail because: You are the QA Contact for the bug. You are the assignee for the bug.

1 0

[Bug 1442054] New: maven-surefire-2.20 is available
by bugzilla＠redhat.com 12 Sep '17

12 Sep '17

https://bugzilla.redhat.com/show_bug.cgi?id=1442054 Bug ID: 1442054 Summary: maven-surefire-2.20 is available Product: Fedora Version: rawhide Component: maven-surefire Keywords: FutureFeature, Triaged Assignee: mizdebsk(a)redhat.com Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: akurtako(a)redhat.com, jaromir.capik(a)email.cz, java-sig-commits(a)lists.fedoraproject.org, mizdebsk(a)redhat.com, msimacek(a)redhat.com Latest upstream release: 2.20 Current version/release in rawhide: 2.19.1-6.fc26 URL: http://repo2.maven.org/maven2/org/apache/maven/surefire/surefire/ Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from anitya: https://release-monitoring.org/project/1944/ -- You are receiving this mail because: You are on the CC list for the bug.

1 5

[Bug 1490736] New: maven-surefire: FTBFS in Fedora rawhide
by bugzilla＠redhat.com 12 Sep '17

12 Sep '17

https://bugzilla.redhat.com/show_bug.cgi?id=1490736 Bug ID: 1490736 Summary: maven-surefire: FTBFS in Fedora rawhide Product: Fedora Version: rawhide Component: maven-surefire Assignee: mizdebsk(a)redhat.com Reporter: mizdebsk(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: akurtako(a)redhat.com, jaromir.capik(a)email.cz, java-sig-commits(a)lists.fedoraproject.org, mizdebsk(a)redhat.com, msimacek(a)redhat.com Description of problem: Package maven-surefire fails to build from source in Fedora rawhide. [ERROR] Failed to execute goal org.apache.maven.plugins:maven-shade-plugin:3.1.0:shade (default) on project surefire-report-parser: Error creating shaded jar: RemappingClassAdapter is deprecated, use ClassRemapper instead -> [Help 1] Version-Release number of selected component (if applicable): 2.19.1-8.fc27 Steps to Reproduce: koji build --scratch f28 maven-surefire-2.19.1-8.fc27.src.rpm Additional info: This package is tracked by Koschei. See: http://apps.fedoraproject.org/koschei/package/maven-surefire -- You are receiving this mail because: You are on the CC list for the bug.

1 6

[Bug 1464752] New: maven-reporting-impl-3.0.0 is available
by bugzilla＠redhat.com 12 Sep '17

12 Sep '17

https://bugzilla.redhat.com/show_bug.cgi?id=1464752 Bug ID: 1464752 Summary: maven-reporting-impl-3.0.0 is available Product: Fedora Version: rawhide Component: maven-reporting-impl Keywords: FutureFeature, Triaged Assignee: mizdebsk(a)redhat.com Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: java-sig-commits(a)lists.fedoraproject.org, mizdebsk(a)redhat.com Latest upstream release: 3.0.0 Current version/release in rawhide: 2.4-3.fc26 URL: http://repo1.maven.org/maven2/org/apache/maven/reporting/maven-reporting-im… Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from anitya: https://release-monitoring.org/project/1932/ -- You are receiving this mail because: You are on the CC list for the bug.

1 3

[Bug 1490817] New: objectweb-asm: org.objectweb.asm.tree, 6.0.0.BETA is not a valid bundle
by bugzilla＠redhat.com 12 Sep '17

12 Sep '17

https://bugzilla.redhat.com/show_bug.cgi?id=1490817 Bug ID: 1490817 Summary: objectweb-asm: org.objectweb.asm.tree,6.0.0.BETA is not a valid bundle Product: Fedora Version: rawhide Component: objectweb-asm Assignee: fnasser(a)redhat.com Reporter: mizdebsk(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: dwalluck(a)redhat.com, fnasser(a)redhat.com, java-sig-commits(a)lists.fedoraproject.org, mizdebsk(a)redhat.com, msimacek(a)redhat.com osgi.bundle,org.objectweb.asm.commons,6.0.0.BETA (/var/lib/mock/maven/root/usr/share/java/objectweb-asm/asm-commons.jar) is not a valid bundle so it will be ignored. osgi.bundle,org.objectweb.asm.analysis,6.0.0.BETA (/var/lib/mock/maven/root/usr/share/java/objectweb-asm/asm-analysis.jar) is not a valid bundle so it will be ignored. osgi.bundle,org.objectweb.asm.tree,6.0.0.BETA (/var/lib/mock/maven/root/usr/share/java/objectweb-asm/asm-tree.jar) is not a valid bundle so it will be ignored. osgi.bundle,org.objectweb.asm.util,6.0.0.BETA (/var/lib/mock/maven/root/usr/share/java/objectweb-asm/asm-util.jar) is not a valid bundle so it will be ignored. Caused by: java.lang.IllegalArgumentException: invalid version "6.0_BETA": non-numeric "0_BETA" at org.osgi.framework.Version.parseInt(Version.java:170) at org.osgi.framework.Version.<init>(Version.java:130) at org.osgi.framework.Version.valueOf(Version.java:257) at org.osgi.framework.VersionRange.parseVersion(VersionRange.java:194) ... 61 more Caused by: java.lang.NumberFormatException: For input string: "0_BETA" at java.lang.NumberFormatException.forInputString(NumberFormatException.java:65) at java.lang.Integer.parseInt(Integer.java:580) at java.lang.Integer.parseInt(Integer.java:615) at org.osgi.framework.Version.parseInt(Version.java:168) ... 64 more -- You are receiving this mail because: You are on the CC list for the bug.

1 2

[Bug 998208] New: maven-remote-resources-plugin-1.5 is available
by Red Hat Bugzilla 12 Sep '17

12 Sep '17

https://bugzilla.redhat.com/show_bug.cgi?id=998208 Bug ID: 998208 Summary: maven-remote-resources-plugin-1.5 is available Product: Fedora Version: rawhide Component: maven-remote-resources-plugin Keywords: FutureFeature, Triaged Assignee: huwang(a)redhat.com Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: huwang(a)redhat.com, java-sig-commits(a)lists.fedoraproject.org, mizdebsk(a)redhat.com, sochotni(a)redhat.com, tradej(a)redhat.com Latest upstream release: 1.5 Current version/release in Fedora Rawhide: 1.4-5.fc20 URL: http://repo1.maven.org/maven2/org/apache/maven/plugins/maven-remote-resourc… Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=IznNz4aeJt&a=cc_unsubscribe

2 3

[Bug 1490646] New: felix-utils-1.10.2 is available
by bugzilla＠redhat.com 12 Sep '17

12 Sep '17

https://bugzilla.redhat.com/show_bug.cgi?id=1490646 Bug ID: 1490646 Summary: felix-utils-1.10.2 is available Product: Fedora Version: rawhide Component: felix-utils Keywords: FutureFeature, Triaged Assignee: msimacek(a)redhat.com Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: jaromir.capik(a)email.cz, java-sig-commits(a)lists.fedoraproject.org, mizdebsk(a)redhat.com, msimacek(a)redhat.com Latest upstream release: 1.10.2 Current version/release in rawhide: 1.10.0-2.fc27 URL: http://www.apache.org/dist/felix/ Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from anitya: https://release-monitoring.org/project/799/ -- You are receiving this mail because: You are on the CC list for the bug.

1 3

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

java-sig-commits September 2017