https://bugzilla.redhat.com/show_bug.cgi?id=1493189
Bug ID: 1493189
Summary: CVE-2017-14228 nasm: NULL pointer dereference in the paste_tokens function
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: low
Priority: low
Assignee: security-response-team(a)redhat.com
Reporter: anemec(a)redhat.com
CC: java-sig-commits(a)lists.fedoraproject.org, mizdebsk(a)redhat.com, msimacek(a)redhat.com
In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in the
function paste_tokens() in preproc.c, aka a NULL pointer dereference, which
leads to a denial of service.
Upstream issue:
https://bugzilla.nasm.us/show_bug.cgi?id=3392423
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1493190
Bug ID: 1493190
Summary: CVE-2017-14228 nasm: NULL pointer dereference in the paste_tokens function [fedora-all]
Product: Fedora
Version: 26
Component: nasm
Keywords: Security, SecurityTracking
Severity: low
Priority: low
Assignee: mizdebsk(a)redhat.com
Reporter: anemec(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: java-sig-commits(a)lists.fedoraproject.org, mizdebsk(a)redhat.com, msimacek(a)redhat.com
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora. While only
one tracking bug has been filed, please correct all affected versions at
the same time. If you need to fix the versions independent of each other,
you may clone this bug as appropriate.
https://bugzilla.redhat.com/show_bug.cgi?id=1541043
Bug ID: 1541043
Summary: [specfile] Use 'urw-base35-fonts' requirement instead of 'urw-fonts'
Product: Fedora
Version: rawhide
Component: pdf-renderer
Keywords: Bugfix, EasyFix, Patch
Severity: medium
Priority: medium
Assignee: puntogil(a)libero.it
Reporter: dkaspar(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: java-sig-commits(a)lists.fedoraproject.org, jochen(a)herr-schmitt.de, oget.fedora(a)gmail.com, puntogil(a)libero.it
Blocks: 1494563
Description of problem:
The 'urw-fonts' package is now obsolete and has been replaced with the new
'urw-base35-fonts', which is being kept up to date.
'urw-fonts' will be dropped at the end of life of Fedora 27.
Please update your specfile and make sure your package builds/works properly
with the new version of the (URW)++ fonts.
In case you find some problem, open a new BZ for your component and put me in
CC so I can try to help you deal with that issue.
Thank you! :)
--------------------------------------------------------------------
Associated pull-request:
https://src.fedoraproject.org/rpms/pdf-renderer/pull-request/1
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1494563
[Bug 1494563] [Tracking BZ] Update specfiles to use 'urw-base35-fonts' instead of 'urw-fonts'
https://bugzilla.redhat.com/show_bug.cgi?id=1557507
Bug ID: 1557507
Summary: tomcat-9.0.6 is available
Product: Fedora
Version: rawhide
Component: tomcat
Keywords: FutureFeature, Triaged
Assignee: ivan.afonichev(a)gmail.com
Reporter: upstream-release-monitoring(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: alee(a)redhat.com, csutherl(a)redhat.com, ivan.afonichev(a)gmail.com, java-sig-commits(a)lists.fedoraproject.org, krzysztof.daniel(a)gmail.com, me(a)coolsvap.net
Latest upstream release: 9.0.6
Current version/release in rawhide: 8.5.29-1.fc29
URL: http://tomcat.apache.org/
Please consult the package updates policy before you issue an update to a
stable branch: https://fedoraproject.org/wiki/Updates_Policy
More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring
Please keep in mind that with any upstream change, there may also be packaging
changes that need to be made. Specifically, please remember that it is your
responsibility to review the new version to ensure that the licensing is still
correct and that no non-free or legally problematic items have been added
upstream.
Based on the information from anitya:
https://release-monitoring.org/project/17032/
https://bugzilla.redhat.com/show_bug.cgi?id=1572708
Bug ID: 1572708
Summary: NPE when running tests on JDK 10
Product: Fedora
Version: 28
Component: maven-surefire
Assignee: mizdebsk(a)redhat.com
Reporter: sgehwolf(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: akurtako(a)redhat.com, dbhole(a)redhat.com, jaromir.capik(a)email.cz, java-sig-commits(a)lists.fedoraproject.org, mizdebsk(a)redhat.com, msimacek(a)redhat.com, sochotni(a)redhat.com
Description of problem:
Running any tests on surefire 2.20 with JDK 10 results in an NPE. See:
https://issues.apache.org/jira/browse/SUREFIRE-1439
This causes a build failure when trying to build byteman 4.0.2 in Fedora:
https://koji.fedoraproject.org/koji/taskinfo?taskID=26592984
Byteman 4.x needs JDK 9+ to build for modular JDK support.
Version-Release number of selected component (if applicable):
maven-surefire-2.20.1-3.fc28
How reproducible:
100%
Steps to Reproduce:
1. Rebuild srpm from task above. (may need some build overrides: java-openjdk-10.0.1.10-2.fc28, xmvn-3.0.0-15.fc28)
Actual results:
NPE and build failure.
Expected results:
Build proceeds.
Additional info:
In a local mock I got this detail trace:
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-failsafe-plugin:2.20.1:integration-test (javaops.TestArithmetic) on project byteman-agent: Execution javaops.TestArithmetic of goal org.apache.maven.plugins:maven-failsafe-plugin:2.20.1:integration-test failed. NullPointerException -> [Help 1]
org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute goal org.apache.maven.plugins:maven-failsafe-plugin:2.20.1:integration-test (javaops.TestArithmetic) on project byteman-agent: Execution javaops.TestArithmetic of goal org.apache.maven.plugins:maven-failsafe-plugin:2.20.1:integration-test failed.
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:213)
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:154)
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:146)
    at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject (LifecycleModuleBuilder.java:117)
    at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject (LifecycleModuleBuilder.java:81)
    at org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build (SingleThreadedBuilder.java:51)
    at org.apache.maven.lifecycle.internal.LifecycleStarter.execute (LifecycleStarter.java:128)
    at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:309)
    at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:194)
    at org.apache.maven.DefaultMaven.execute (DefaultMaven.java:107)
    at org.apache.maven.cli.MavenCli.execute (MavenCli.java:955)
    at org.apache.maven.cli.MavenCli.doMain (MavenCli.java:290)
    at org.apache.maven.cli.MavenCli.main (MavenCli.java:194)
    at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0 (Native Method)
    at jdk.internal.reflect.NativeMethodAccessorImpl.invoke (NativeMethodAccessorImpl.java:62)
    at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke (DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke (Method.java:564)
    at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced (Launcher.java:289)
    at org.codehaus.plexus.classworlds.launcher.Launcher.launch (Launcher.java:229)
    at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode (Launcher.java:415)
    at org.codehaus.plexus.classworlds.launcher.Launcher.main (Launcher.java:356)
Caused by: org.apache.maven.plugin.PluginExecutionException: Execution javaops.TestArithmetic of goal org.apache.maven.plugins:maven-failsafe-plugin:2.20.1:integration-test failed.
    at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo (DefaultBuildPluginManager.java:145)
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:208)
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:154)
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:146)
    at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject (LifecycleModuleBuilder.java:117)
    at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject (LifecycleModuleBuilder.java:81)
    at org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build (SingleThreadedBuilder.java:51)
    at org.apache.maven.lifecycle.internal.LifecycleStarter.execute (LifecycleStarter.java:128)
    at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:309)
    at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:194)
    at org.apache.maven.DefaultMaven.execute (DefaultMaven.java:107)
    at org.apache.maven.cli.MavenCli.execute (MavenCli.java:955)
    at org.apache.maven.cli.MavenCli.doMain (MavenCli.java:290)
    at org.apache.maven.cli.MavenCli.main (MavenCli.java:194)
    at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0 (Native Method)
    at jdk.internal.reflect.NativeMethodAccessorImpl.invoke (NativeMethodAccessorImpl.java:62)
    at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke (DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke (Method.java:564)
    at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced (Launcher.java:289)
    at org.codehaus.plexus.classworlds.launcher.Launcher.launch (Launcher.java:229)
    at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode (Launcher.java:415)
    at org.codehaus.plexus.classworlds.launcher.Launcher.main (Launcher.java:356)
Caused by: java.lang.NullPointerException
    at org.apache.maven.surefire.shade.org.apache.commons.lang3.SystemUtils.isJavaVersionAtLeast (SystemUtils.java:1642)
    at org.apache.maven.plugin.surefire.AbstractSurefireMojo.getEffectiveJvm (AbstractSurefireMojo.java:2107)
    at org.apache.maven.plugin.surefire.AbstractSurefireMojo.getForkConfiguration (AbstractSurefireMojo.java:1976)
    at org.apache.maven.plugin.surefire.AbstractSurefireMojo.executeProvider (AbstractSurefireMojo.java:1111)
    at org.apache.maven.plugin.surefire.AbstractSurefireMojo.executeAfterPreconditionsChecked (AbstractSurefireMojo.java:954)
    at org.apache.maven.plugin.surefire.AbstractSurefireMojo.execute (AbstractSurefireMojo.java:832)
    at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo (DefaultBuildPluginManager.java:134)
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:208)
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:154)
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:146)
    at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject (LifecycleModuleBuilder.java:117)
    at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject (LifecycleModuleBuilder.java:81)
    at org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build (SingleThreadedBuilder.java:51)
    at org.apache.maven.lifecycle.internal.LifecycleStarter.execute (LifecycleStarter.java:128)
    at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:309)
    at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:194)
    at org.apache.maven.DefaultMaven.execute (DefaultMaven.java:107)
    at org.apache.maven.cli.MavenCli.execute (MavenCli.java:955)
    at org.apache.maven.cli.MavenCli.doMain (MavenCli.java:290)
    at org.apache.maven.cli.MavenCli.main (MavenCli.java:194)
    at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0 (Native Method)
    at jdk.internal.reflect.NativeMethodAccessorImpl.invoke (NativeMethodAccessorImpl.java:62)
    at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke (DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke (Method.java:564)
    at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced (Launcher.java:289)
    at org.codehaus.plexus.classworlds.launcher.Launcher.launch (Launcher.java:229)
    at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode (Launcher.java:415)
    at org.codehaus.plexus.classworlds.launcher.Launcher.main (Launcher.java:356)
[ERROR]
[ERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/PluginExecutionException
[ERROR]
[ERROR] After correcting the problems, you can resume the build with the command
[ERROR] mvn <goals> -rf :byteman-agent
Note this is not an issue in maven surefire plugin 2.21 as it's been fixed
there.
https://bugzilla.redhat.com/show_bug.cgi?id=1567453
Bug ID: 1567453
Summary: jetty-9.4.10.RC0 is available
Product: Fedora
Version: rawhide
Component: jetty
Keywords: FutureFeature, Triaged
Assignee: mizdebsk(a)redhat.com
Reporter: upstream-release-monitoring(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: java-sig-commits(a)lists.fedoraproject.org, jjohnstn(a)redhat.com, krzysztof.daniel(a)gmail.com, mizdebsk(a)redhat.com, msimacek(a)redhat.com, sochotni(a)redhat.com
Latest upstream release: 9.4.10.RC0
Current version/release in rawhide: 9.4.9-2.v20180320.fc29
URL: http://www.eclipse.org/jetty
Please consult the package updates policy before you issue an update to a
stable branch: https://fedoraproject.org/wiki/Updates_Policy
More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring
Please keep in mind that with any upstream change, there may also be packaging
changes that need to be made. Specifically, please remember that it is your
responsibility to review the new version to ensure that the licensing is still
correct and that no non-free or legally problematic items have been added
upstream.
Based on the information from anitya:
https://release-monitoring.org/project/1447/
https://bugzilla.redhat.com/show_bug.cgi?id=1530012
Bug ID: 1530012
Summary: maven-site-plugin-3.7 is available
Product: Fedora
Version: rawhide
Component: maven-site-plugin
Keywords: FutureFeature, Triaged
Assignee: mizdebsk(a)redhat.com
Reporter: upstream-release-monitoring(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: akurtako(a)redhat.com, java-sig-commits(a)lists.fedoraproject.org, mizdebsk(a)redhat.com, msimacek(a)redhat.com
Latest upstream release: 3.7
Current version/release in rawhide: 3.6-3.fc27
URL: http://repo2.maven.org/maven2/org/apache/maven/plugins/maven-site-plugin/
Please consult the package updates policy before you issue an update to a
stable branch: https://fedoraproject.org/wiki/Updates_Policy
More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring
Please keep in mind that with any upstream change, there may also be packaging
changes that need to be made. Specifically, please remember that it is your
responsibility to review the new version to ensure that the licensing is still
correct and that no non-free or legally problematic items have been added
upstream.
Based on the information from anitya:
https://release-monitoring.org/project/1937/
https://bugzilla.redhat.com/show_bug.cgi?id=1340386
Bug ID: 1340386
Summary: CVE-2016-4434 tika: XML External Entity vulnerability
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: high
Priority: high
Assignee: security-response-team(a)redhat.com
Reporter: anemec(a)redhat.com
CC: alazarot(a)redhat.com, aszczucz(a)redhat.com, bdawidow(a)redhat.com, bgollahe(a)redhat.com, bkearney(a)redhat.com, brms-jira(a)redhat.com, chazlett(a)redhat.com, epp-bugs(a)redhat.com, etirelli(a)redhat.com, felias(a)redhat.com, hchiorea(a)redhat.com, hfnukal(a)redhat.com, java-sig-commits(a)lists.fedoraproject.org, jcoleman(a)redhat.com, jolee(a)redhat.com, jpallich(a)redhat.com, kanderso(a)redhat.com, lpetrovi(a)redhat.com, mbaluch(a)redhat.com, meissner(a)suse.de, mweiler(a)redhat.com, mwinkler(a)redhat.com, nwallace(a)redhat.com, ohudlick(a)redhat.com, pavelp(a)redhat.com, puntogil(a)libero.it, rrajasek(a)redhat.com, rzhang(a)redhat.com, rzima(a)redhat.com, taw(a)redhat.com, theute(a)redhat.com, thomas(a)suse.de, tkasparek(a)redhat.com, tkirby(a)redhat.com, tlestach(a)redhat.com, vhalbert(a)redhat.com
Apache Tika parses XML within numerous file formats. In some instances, such
as spreadsheets in OOXML files, XMP in PDF, and other file formats, the
initialization of the XML parser or the choice of handlers did not protect
against XML External Entity (XXE) vulnerabilities.
References:
http://seclists.org/oss-sec/2016/q2/413
https://bugzilla.redhat.com/show_bug.cgi?id=1340387
Bug ID: 1340387
Summary: CVE-2016-4434 tika: XML External Entity vulnerability [fedora-all]
Product: Fedora
Version: 23
Component: tika
Keywords: Security, SecurityTracking
Severity: high
Priority: high
Assignee: puntogil(a)libero.it
Reporter: anemec(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: java-sig-commits(a)lists.fedoraproject.org,
puntogil(a)libero.it
Blocks: 1340386 (CVE-2016-4434)
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora. While only
one tracking bug has been filed, please correct all affected versions at
the same time. If you need to fix the versions independent of each other,
you may clone this bug as appropriate.
[bug automatically created by: add-tracking-bugs]
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1340386
[Bug 1340386] CVE-2016-4434 tika: XML External Entity vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=1394156
Bug 1394156 depends on bug 1394157, which changed state.
Bug 1394157 Summary: CVE-2016-6809 tika: Native deserialization of Java objects in matlab files [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1394157
What |Removed |Added
----------------------------------------------------------------------------
Status|ON_QA |CLOSED
Resolution|--- |ERRATA
https://bugzilla.redhat.com/show_bug.cgi?id=1394157
Bug ID: 1394157
Summary: CVE-2016-6809 tika: Native deserialization of Java objects in matlab files [fedora-all]
Product: Fedora
Version: 24
Component: tika
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Assignee: puntogil(a)libero.it
Reporter: amaris(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: java-sig-commits(a)lists.fedoraproject.org,
puntogil(a)libero.it
Blocks: 1394156 (CVE-2016-6809)
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora. While only
one tracking bug has been filed, please correct all affected versions at
the same time. If you need to fix the versions independent of each other,
you may clone this bug as appropriate.
[bug automatically created by: add-tracking-bugs]
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1394156
[Bug 1394156] CVE-2016-6809 tika: Native deserialization of Java objects in matlab files
https://bugzilla.redhat.com/show_bug.cgi?id=1572463
--- Comment #3 from Kurt Seifried <kseifried(a)redhat.com> ---
Statement:
This issue affects the versions of lucene (which contains an embedded copy of
uima) as shipped with Red Hat Satellite 6.0 and 6.1. Red Hat Satellite 6.2 and
later do not include lucene and are not vulnerable to this issue.
https://bugzilla.redhat.com/show_bug.cgi?id=1572463
Kurt Seifried <kseifried(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Whiteboard|impact=important,public=20180427,reported=20180427,source=oss-security,cvss3=8.8/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,cwe=CWE-611,rhn_satellite_6/uimaj-core=new,fedora-all/uimaj=affected,rhel-8/uimaj=affected |impact=important,public=20180427,reported=20180427,source=oss-security,cvss3=8.8/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,cwe=CWE-611,rhn_satellite_6/uimaj-core=wontfix,fedora-all/uimaj=affected,rhel-8/uimaj=affected
https://bugzilla.redhat.com/show_bug.cgi?id=1572418
Bug ID: 1572418
Summary: CVE-2018-1335 tika: Command injection in tika-server can allow remote attackers to execute arbitrary commands via crafted headers [fedora-all]
Product: Fedora
Version: 27
Component: tika
Keywords: Security, SecurityTracking
Severity: high
Priority: high
Assignee: puntogil(a)libero.it
Reporter: sfowler(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: java-sig-commits(a)lists.fedoraproject.org,
lef(a)fedoraproject.org, puntogil(a)libero.it
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora. While only
one tracking bug has been filed, please correct all affected versions at
the same time. If you need to fix the versions independent of each other,
you may clone this bug as appropriate.
https://bugzilla.redhat.com/show_bug.cgi?id=1572463
Sam Fowler <sfowler(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Blocks| |1572467
https://bugzilla.redhat.com/show_bug.cgi?id=1572463
Sam Fowler <sfowler(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Depends On| |1572465, 1572464
--- Comment #1 from Sam Fowler <sfowler(a)redhat.com> ---
Created uimaj tracking bugs for this issue:
Affects: fedora-all [bug 1572464]
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1572464
[Bug 1572464] CVE-2017-15691 uimaj: uima: XML external entity expansion (XXE) can allow attackers to execute arbitrary code [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1396487
Bug ID: 1396487
Summary: pdfbox-2.0.3 is available
Product: Fedora
Version: rawhide
Component: pdfbox
Assignee: puntogil(a)libero.it
Reporter: puntogil(a)libero.it
QA Contact: extras-qa(a)fedoraproject.org
CC: java-sig-commits(a)lists.fedoraproject.org,
orion(a)cora.nwra.com, puntogil(a)libero.it
Latest upstream release: 2.0.3
Current version/release in rawhide: 1.8.12-2.fc26
URL: http://www.apache.org/dist/pdfbox/
Used by Apache Tika >= 1.13
https://bugzilla.redhat.com/show_bug.cgi?id=1539990
Bug ID: 1539990
Summary: CVE-2017-12626 apache-poi: poi: Parsing of multiple file types can cause a denial of service via infinite loop or out of memory exception [fedora-all]
Product: Fedora
Version: 27
Component: apache-poi
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Assignee: mat.booth(a)redhat.com
Reporter: sfowler(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: java-sig-commits(a)lists.fedoraproject.org,
lef(a)fedoraproject.org, mat.booth(a)redhat.com
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora. While only
one tracking bug has been filed, please correct all affected versions at
the same time. If you need to fix the versions independent of each other,
you may clone this bug as appropriate.
https://bugzilla.redhat.com/show_bug.cgi?id=1443585
Bug ID: 1443585
Summary: CVE-2017-5661 fop: XML external entity processing vulnerability
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: anemec(a)redhat.com
CC: bmcclain(a)redhat.com, c.david86(a)gmail.com, dblechte(a)redhat.com, eedri(a)redhat.com, gklein(a)redhat.com, java-maint(a)redhat.com, java-sig-commits(a)lists.fedoraproject.org, lsurette(a)redhat.com, mgoldboi(a)redhat.com, michal.skrivanek(a)redhat.com, mizdebsk(a)redhat.com, msimacek(a)redhat.com, rbalakri(a)redhat.com, rhbugs(a)n-dimensional.de, Rhev-m-bugs(a)redhat.com, r.landmann(a)redhat.com, sbonazzo(a)redhat.com, sherold(a)redhat.com, srevivo(a)redhat.com, ydary(a)redhat.com, ykaul(a)redhat.com
In Apache FOP before 2.2, files lying on the filesystem of the server which
uses FOP can be revealed to arbitrary users who send maliciously formed SVG
files. The file types that can be shown depend on the user context in which the
exploitable application is running. If the user is root, a full compromise of
the server - including confidential or sensitive files - would be possible. XXE
can also be used to attack the availability of the server via denial of service,
as the references within an XML document can trivially trigger an amplification
attack.
References:
https://xmlgraphics.apache.org/security.html
http://seclists.org/oss-sec/2017/q2/86
https://bugzilla.redhat.com/show_bug.cgi?id=1443592
Bug ID: 1443592
Summary: CVE-2017-5662 batik: XML external entity processing vulnerability
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: anemec(a)redhat.com
CC: bmcclain(a)redhat.com, c.david86(a)gmail.com, dblechte(a)redhat.com, eedri(a)redhat.com, hhorak(a)redhat.com, java-maint(a)redhat.com, java-sig-commits(a)lists.fedoraproject.org, jorton(a)redhat.com, jvanek(a)redhat.com, mgoldboi(a)redhat.com, michal.skrivanek(a)redhat.com, mizdebsk(a)redhat.com, msimacek(a)redhat.com, sbonazzo(a)redhat.com, sherold(a)redhat.com, ydary(a)redhat.com, ykaul(a)redhat.com
In Apache Batik before 1.9, files lying on the filesystem of the server which
uses batik can be revealed to arbitrary users who send maliciously formed SVG
files. The file types that can be shown depend on the user context in which the
exploitable application is running. If the user is root, a full compromise of
the server - including confidential or sensitive files - would be possible. XXE
can also be used to attack the availability of the server via denial of service,
as the references within an XML document can trivially trigger an amplification
attack.
References:
https://xmlgraphics.apache.org/security.html
http://seclists.org/oss-sec/2017/q2/85
https://bugzilla.redhat.com/show_bug.cgi?id=1548909
errata-xmlrpc <errata-xmlrpc(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
External Bug ID| |Red Hat Product Errata RHSA-2018:1251
https://bugzilla.redhat.com/show_bug.cgi?id=1550671
errata-xmlrpc <errata-xmlrpc(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
External Bug ID| |Red Hat Product Errata RHSA-2018:1249
https://bugzilla.redhat.com/show_bug.cgi?id=1550671
--- Comment #6 from errata-xmlrpc <errata-xmlrpc(a)redhat.com> ---
This issue has been addressed in the following products:
Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7
Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6
Via RHSA-2018:1249 https://access.redhat.com/errata/RHSA-2018:1249
https://bugzilla.redhat.com/show_bug.cgi?id=1548909
errata-xmlrpc <errata-xmlrpc(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
External Bug ID| |Red Hat Product Errata RHSA-2018:1249
https://bugzilla.redhat.com/show_bug.cgi?id=1548909
--- Comment #28 from errata-xmlrpc <errata-xmlrpc(a)redhat.com> ---
This issue has been addressed in the following products:
Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7
Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6
Via RHSA-2018:1249 https://access.redhat.com/errata/RHSA-2018:1249
https://bugzilla.redhat.com/show_bug.cgi?id=1550671
errata-xmlrpc <errata-xmlrpc(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
External Bug ID| |Red Hat Product Errata
| |RHSA-2018:1247
https://bugzilla.redhat.com/show_bug.cgi?id=1548909
errata-xmlrpc <errata-xmlrpc(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
External Bug ID| |Red Hat Product Errata
| |RHSA-2018:1247
https://bugzilla.redhat.com/show_bug.cgi?id=1550671
errata-xmlrpc <errata-xmlrpc(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
External Bug ID| |Red Hat Product Errata
| |RHSA-2018:1248
https://bugzilla.redhat.com/show_bug.cgi?id=1548909
errata-xmlrpc <errata-xmlrpc(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
External Bug ID| |Red Hat Product Errata
| |RHSA-2018:1248
https://bugzilla.redhat.com/show_bug.cgi?id=1570495
Bug ID: 1570495
Summary: CVE-2018-10254 nasm: Stack-based buffer over-read in
disasm/disasm.c:disasm() can allow attackers to cause
a denial of service
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: low
Priority: low
Assignee: security-response-team(a)redhat.com
Reporter: sfowler(a)redhat.com
CC: java-sig-commits(a)lists.fedoraproject.org,
mizdebsk(a)redhat.com, msimacek(a)redhat.com
Netwide Assembler (nasm) through version 2.13 is vulnerable to a stack-based
buffer over-read in the disasm/disasm.c:disasm() function. An attacker could
exploit this to cause a crash or other unspecified impact via a crafted ELF
file.
Upstream Issue:
https://sourceforge.net/p/nasm/bugs/561/
https://bugzilla.redhat.com/show_bug.cgi?id=1562174
Bug ID: 1562174
Summary: New upstream version available
Product: Fedora
Version: 27
Component: apache-commons-jcs
Assignee: puntogil(a)libero.it
Reporter: fedora(a)genodeftest.de
QA Contact: extras-qa(a)fedoraproject.org
CC: cedric.olivier(a)free.fr,
java-sig-commits(a)lists.fedoraproject.org,
puntogil(a)libero.it
Description of problem:
Upstream has seen a few updates missing here.
Version-Release number of selected component (if applicable):
Upstream: 2.2
Fedora: 2.0 Beta 5/6
https://bugzilla.redhat.com/show_bug.cgi?id=1508110
Hooman Broujerdi <hghasemb(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Whiteboard|impact=moderate,public=20160524,reported=20160524,source=cve,cvss3=6.4/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N,cwe=CWE-352,fedora-all/xmlrpc=affected,rhel-5/xmlrpc=wontfix,rhel-6/xmlrpc3=wontfix,rhel-7/xmlrpc=wontfix,rhev-m-3/xmlrpc-common=wontfix,rhscl-3/rh-java-common-xmlrpc=affected,rhes-3/xmlrpc-common=wontfix,jbds-8/xmlrpc=notaffected,jbds-10/xmlrpc=notaffected,openshift-enterprise-3/xmlrpc-common=notaffected,fuse-6/xmlrpc-common=new,fis-2/xmlrpc-common=new|impact=moderate,public=20160524,reported=20160524,source=cve,cvss3=6.4/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N,cwe=CWE-352,fedora-all/xmlrpc=affected,rhel-5/xmlrpc=wontfix,rhel-6/xmlrpc3=wontfix,rhel-7/xmlrpc=wontfix,rhev-m-3/xmlrpc-common=wontfix,rhscl-3/rh-java-common-xmlrpc=affected,rhes-3/xmlrpc-common=wontfix,jbds-8/xmlrpc=notaffected,jbds-10/xmlrpc=notaffected,openshift-enterprise-3/xmlrpc-common=notaffected,fuse-6/camel=affected,fis-2/xmlrpc-common=affected,fuse-7/camel=affected
https://bugzilla.redhat.com/show_bug.cgi?id=1464158
Bug ID: 1464158
Summary: CVE-2017-9735 jetty: Timing channel attack in
util/security/Password.java
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: anemec(a)redhat.com
CC: eclipse-sig(a)lists.fedoraproject.org,
hhorak(a)redhat.com,
java-sig-commits(a)lists.fedoraproject.org,
jjohnstn(a)redhat.com, jorton(a)redhat.com,
krzysztof.daniel(a)gmail.com, mizdebsk(a)redhat.com,
msimacek(a)redhat.com
Jetty is prone to a timing channel in util/security/Password.java, which makes
it easier for remote attackers to obtain access by observing elapsed times
before rejection of incorrect passwords.
Upstream issue:
https://github.com/eclipse/jetty.project/issues/1556
Upstream patch:
https://github.com/eclipse/jetty.project/commit/042f325f1cd6e7891d72c7e668f…
https://bugzilla.redhat.com/show_bug.cgi?id=1570970
Bug ID: 1570970
Summary: CVE-2018-5429 jasperreports: arbitrary code execution
in analytic reports that contain scripting
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: lpardo(a)redhat.com
CC: java-sig-commits(a)lists.fedoraproject.org,
lef(a)fedoraproject.org, puntogil(a)libero.it,
rhel8-maint(a)redhat.com
A vulnerability in the report scripting component of TIBCO Software Inc.'s
TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO
JasperReports Server for ActiveMatrix BPM, TIBCO JasperReports Library, TIBCO
JasperReports Library Community Edition, TIBCO JasperReports Library for
ActiveMatrix BPM, TIBCO Jaspersoft for AWS with Multi-Tenancy, TIBCO Jaspersoft
Reporting and Analytics for AWS, TIBCO Jaspersoft Studio, TIBCO Jaspersoft
Studio Community Edition, and TIBCO Jaspersoft Studio for ActiveMatrix BPM may
allow analytic reports that contain scripting to perform arbitrary code
execution. Affected releases include TIBCO Software Inc.'s TIBCO JasperReports
Server: versions up to and including 6.2.4; 6.3.0; 6.3.2; 6.3.3; 6.4.0; 6.4.2,
TIBCO JasperReports Server Community Edition: versions up to and including
6.4.2, TIBCO JasperReports Server for ActiveMatrix BPM: versions up to and
including 6.4.2, TIBCO JasperReports Library: versions up to and including
6.2.4; 6.3.0; 6.3.2; 6.3.3; 6.4.0; 6.4.1; 6.4.2, TIBCO JasperReports Library
Community Edition: versions up to and including 6.4.3, TIBCO JasperReports
Library for ActiveMatrix BPM: versions up to and including 6.4.2, TIBCO
Jaspersoft for AWS with Multi-Tenancy: versions up to and including 6.4.2,
TIBCO Jaspersoft Reporting and Analytics for AWS: versions up to and including
6.4.2, TIBCO Jaspersoft Studio: versions up to and including 6.2.4; 6.3.0;
6.3.2; 6.3.3; 6.4.0; 6.4.2, TIBCO Jaspersoft Studio Community Edition: versions
up to and including 6.4.3, TIBCO Jaspersoft Studio for ActiveMatrix BPM:
versions up to and including 6.4.2.
References:
https://www.tibco.com/support/advisories/2018/04/tibco-security-advisory-ap…
https://bugzilla.redhat.com/show_bug.cgi?id=1570973
Bug ID: 1570973
Summary: CVE-2018-5430 jasperreports: read-only access to the
contents of the web application for authenticated user
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: lpardo(a)redhat.com
CC: java-sig-commits(a)lists.fedoraproject.org,
lef(a)fedoraproject.org, puntogil(a)libero.it,
rhel8-maint(a)redhat.com
The Spring web flows of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO
JasperReports Server Community Edition, TIBCO JasperReports Server for
ActiveMatrix BPM, TIBCO Jaspersoft for AWS with Multi-Tenancy, and TIBCO
Jaspersoft Reporting and Analytics for AWS contain a vulnerability which may
allow any authenticated user read-only access to the contents of the web
application, including key configuration files. Affected releases include TIBCO
Software Inc.'s TIBCO JasperReports Server: versions up to and including 6.2.4;
6.3.0; 6.3.2; 6.3.3; 6.4.0; 6.4.2, TIBCO JasperReports Server Community Edition:
versions up to and including 6.4.2, TIBCO JasperReports Server for ActiveMatrix
BPM: versions up to and including 6.4.2, TIBCO Jaspersoft for AWS with
Multi-Tenancy: versions up to and including 6.4.2, TIBCO Jaspersoft Reporting
and Analytics for AWS: versions up to and including 6.4.2.
References:
https://www.tibco.com/support/advisories/2018/04/tibco-security-advisory-ap…
https://bugzilla.redhat.com/show_bug.cgi?id=1570974
Bug ID: 1570974
Summary: CVE-2018-5431 jasperreports: persisted cross-site
scripting (XSS) in the context of a non-default
permissions configuration
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: lpardo(a)redhat.com
CC: java-sig-commits(a)lists.fedoraproject.org,
lef(a)fedoraproject.org, puntogil(a)libero.it,
rhel8-maint(a)redhat.com
The domain designer component of TIBCO Software Inc.'s TIBCO JasperReports
Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports
Server for ActiveMatrix BPM, TIBCO Jaspersoft for AWS with Multi-Tenancy, and
TIBCO Jaspersoft Reporting and Analytics for AWS contains a vulnerability which
may allow, in the context of a non-default permissions configuration, persisted
cross-site scripting (XSS) attacks. Affected releases include TIBCO Software
Inc.'s TIBCO JasperReports Server: versions up to and including 6.2.4; 6.3.0;
6.3.2; 6.3.3; 6.4.0; 6.4.2, TIBCO JasperReports Server Community Edition:
versions up to and including 6.4.2, TIBCO JasperReports Server for ActiveMatrix
BPM: versions up to and including 6.4.2, TIBCO Jaspersoft for AWS with
Multi-Tenancy: versions up to and including 6.4.2, TIBCO Jaspersoft Reporting
and Analytics for AWS: versions up to and including 6.4.2.
References:
https://www.tibco.com/support/advisories/2018/04/tibco-security-advisory-ap…
https://bugzilla.redhat.com/show_bug.cgi?id=1508110
Chess Hazlett <chazlett(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |chazlett(a)redhat.com
Whiteboard|impact=moderate,public=20160524,reported=20160524,source=cve,cvss3=6.4/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N,cwe=CWE-352,fedora-all/xmlrpc=affected,rhel-5/xmlrpc=wontfix,rhel-6/xmlrpc3=wontfix,rhel-7/xmlrpc=wontfix,rhev-m-3/xmlrpc-common=wontfix,rhscl-3/rh-java-common-xmlrpc=affected,rhes-3/xmlrpc-common=wontfix,jbds-8/xmlrpc=notaffected,jbds-10/xmlrpc=notaffected,openshift-enterprise-3/xmlrpc-common=notaffected,fis-2/camel-xmlrpc=new,fis-2/xmlrpc-common=new|impact=moderate,public=20160524,reported=20160524,source=cve,cvss3=6.4/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N,cwe=CWE-352,fedora-all/xmlrpc=affected,rhel-5/xmlrpc=wontfix,rhel-6/xmlrpc3=wontfix,rhel-7/xmlrpc=wontfix,rhev-m-3/xmlrpc-common=wontfix,rhscl-3/rh-java-common-xmlrpc=affected,rhes-3/xmlrpc-common=wontfix,jbds-8/xmlrpc=notaffected,jbds-10/xmlrpc=notaffected,openshift-enterprise-3/xmlrpc-common=notaffected,fuse-6/xmlrpc-common=new,fis-2/xmlrpc-common=new
https://bugzilla.redhat.com/show_bug.cgi?id=1508110
Chess Hazlett <chazlett(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |hghasemb(a)redhat.com
Whiteboard|impact=moderate,public=20160524,reported=20160524,source=cve,cvss3=6.4/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N,cwe=CWE-352,fedora-all/xmlrpc=affected,rhel-5/xmlrpc=wontfix,rhel-6/xmlrpc3=wontfix,rhel-7/xmlrpc=wontfix,rhev-m-3/xmlrpc-common=wontfix,rhscl-3/rh-java-common-xmlrpc=affected,rhes-3/xmlrpc-common=wontfix,jbds-8/xmlrpc=notaffected,jbds-10/xmlrpc=notaffected,fuse-6/camel-xmlrpc=new,openshift-enterprise-3/xmlrpc-common=notaffected|impact=moderate,public=20160524,reported=20160524,source=cve,cvss3=6.4/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N,cwe=CWE-352,fedora-all/xmlrpc=affected,rhel-5/xmlrpc=wontfix,rhel-6/xmlrpc3=wontfix,rhel-7/xmlrpc=wontfix,rhev-m-3/xmlrpc-common=wontfix,rhscl-3/rh-java-common-xmlrpc=affected,rhes-3/xmlrpc-common=wontfix,jbds-8/xmlrpc=notaffected,jbds-10/xmlrpc=notaffected,openshift-enterprise-3/xmlrpc-common=notaffected,fis-2/camel-xmlrpc=new,fis-2/xmlrpc-common=new
https://bugzilla.redhat.com/show_bug.cgi?id=1508110
Chess Hazlett <chazlett(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Whiteboard|impact=moderate,public=20160524,reported=20160524,source=cve,cvss3=6.4/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N,cwe=CWE-352,fedora-all/xmlrpc=affected,rhel-5/xmlrpc=wontfix,rhel-6/xmlrpc3=wontfix,rhel-7/xmlrpc=wontfix,rhev-m-3/xmlrpc-common=wontfix,rhscl-3/rh-java-common-xmlrpc=affected,rhes-3/xmlrpc-common=wontfix,jbds-8/xmlrpc=new,jbds-10/xmlrpc=new,fuse-6/camel-xmlrpc=new,openshift-enterprise-3/xmlrpc-common=notaffected|impact=moderate,public=20160524,reported=20160524,source=cve,cvss3=6.4/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N,cwe=CWE-352,fedora-all/xmlrpc=affected,rhel-5/xmlrpc=wontfix,rhel-6/xmlrpc3=wontfix,rhel-7/xmlrpc=wontfix,rhev-m-3/xmlrpc-common=wontfix,rhscl-3/rh-java-common-xmlrpc=affected,rhes-3/xmlrpc-common=wontfix,jbds-8/xmlrpc=notaffected,jbds-10/xmlrpc=notaffected,fuse-6/camel-xmlrpc=new,openshift-enterprise-3/xmlrpc-common=notaffected
https://bugzilla.redhat.com/show_bug.cgi?id=1553565
Bug ID: 1553565
Summary: spring-security:
LdapUserDetailsManager.java:changePassword() allows
for direct modification of user passwords, bypassing
the security configuration
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: sfowler(a)redhat.com
CC: aileenc(a)redhat.com, apevec(a)redhat.com,
chazlett(a)redhat.com, chrisw(a)redhat.com,
gvarsami(a)redhat.com,
java-sig-commits(a)lists.fedoraproject.org,
jcoleman(a)redhat.com, jjoyce(a)redhat.com,
jschluet(a)redhat.com, kbasil(a)redhat.com,
kconner(a)redhat.com, ldimaggi(a)redhat.com,
lhh(a)redhat.com, lpeer(a)redhat.com, markmc(a)redhat.com,
mburns(a)redhat.com, mkolesni(a)redhat.com,
nwallace(a)redhat.com, nyechiel(a)redhat.com,
pavelp(a)redhat.com, puntogil(a)libero.it,
rbryant(a)redhat.com, rwagner(a)redhat.com,
sclewis(a)redhat.com, slinaber(a)redhat.com,
tcunning(a)redhat.com, tdecacqu(a)redhat.com,
tkirby(a)redhat.com
Spring Security through version 5.0.3 allows for direct modification of user
passwords in the LdapUserDetailsManager.java:changePassword() function, which
conflicts with RFC 3062 and allows for security configuration bypass.
Upstream Issue:
https://github.com/spring-projects/spring-security/issues/3392
https://bugzilla.redhat.com/show_bug.cgi?id=1372129
Bug ID: 1372129
Summary: CVE-2016-6348 RESTEasy: Use of JacksonJsonpInterceptor
in RESTEasy can lead to Cross Site Script Inclusion
attack
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: low
Priority: low
Assignee: security-response-team(a)redhat.com
Reporter: jshepherd(a)redhat.com
CC: aileenc(a)redhat.com, alazarot(a)redhat.com,
alee(a)redhat.com, aszczucz(a)redhat.com,
bazulay(a)redhat.com, bbaranow(a)redhat.com,
bdawidow(a)redhat.com, bkearney(a)redhat.com,
bmaxwell(a)redhat.com, bmcclain(a)redhat.com,
cbillett(a)redhat.com, cdewolf(a)redhat.com,
chazlett(a)redhat.com, csutherl(a)redhat.com,
dandread(a)redhat.com, darran.lofthouse(a)redhat.com,
dblechte(a)redhat.com, dosoudil(a)redhat.com,
eedri(a)redhat.com, epp-bugs(a)redhat.com,
etirelli(a)redhat.com, felias(a)redhat.com,
fnasser(a)redhat.com, gklein(a)redhat.com,
gvarsami(a)redhat.com, hchiorea(a)redhat.com,
hfnukal(a)redhat.com, huwang(a)redhat.com,
java-sig-commits(a)lists.fedoraproject.org,
jawilson(a)redhat.com, jboss-set(a)redhat.com,
jbpapp-maint(a)redhat.com, jcoleman(a)redhat.com,
jdg-bugs(a)redhat.com, jmatthew(a)redhat.com,
jolee(a)redhat.com, jpallich(a)redhat.com,
jshepherd(a)redhat.com, katello-bugs(a)redhat.com,
kconner(a)redhat.com, kseifried(a)redhat.com,
kverlaen(a)redhat.com, ldimaggi(a)redhat.com,
lgao(a)redhat.com, lpetrovi(a)redhat.com,
lsurette(a)redhat.com, mbaluch(a)redhat.com,
mgoldboi(a)redhat.com, mgoldman(a)redhat.com,
miburman(a)redhat.com, michal.skrivanek(a)redhat.com,
mmccune(a)redhat.com, mweiler(a)redhat.com,
mwinkler(a)redhat.com, myarboro(a)redhat.com,
nwallace(a)redhat.com, ohadlevy(a)redhat.com,
oourfali(a)redhat.com, pavelp(a)redhat.com,
pgier(a)redhat.com, pkliczew(a)redhat.com,
psakar(a)redhat.com, pslavice(a)redhat.com,
puntogil(a)libero.it, rcernich(a)redhat.com,
Rhev-m-bugs(a)redhat.com, rnetuka(a)redhat.com,
rrajasek(a)redhat.com, rsvoboda(a)redhat.com,
rwagner(a)redhat.com, rzhang(a)redhat.com,
satellite6-bugs(a)redhat.com, sherold(a)redhat.com,
soa-p-jira(a)post-office.corp.redhat.com,
spinder(a)redhat.com, tcunning(a)redhat.com,
theute(a)redhat.com, tjay(a)redhat.com, tkirby(a)redhat.com,
tlestach(a)redhat.com, tomckay(a)redhat.com,
tsanders(a)redhat.com, ttarrant(a)redhat.com,
twalsh(a)redhat.com, vhalbert(a)redhat.com,
vtunka(a)redhat.com, weli(a)redhat.com, ydary(a)redhat.com,
ykaul(a)redhat.com
It was found that in some configurations the JacksonJsonpInterceptor is
activated by default in RESTEasy. An attacker could use this flaw to launch a
Cross-Site Script Inclusion (XSSI) attack.
https://bugzilla.redhat.com/show_bug.cgi?id=1372117
Bug ID: 1372117
Summary: CVE-2016-6345 RESTEasy: Insufficient use of random
values in RESTEasy async jobs could lead to loss of
data confidentiality
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: low
Priority: low
Assignee: security-response-team(a)redhat.com
Reporter: jshepherd(a)redhat.com
CC: aileenc(a)redhat.com, alazarot(a)redhat.com,
alee(a)redhat.com, aszczucz(a)redhat.com,
bazulay(a)redhat.com, bbaranow(a)redhat.com,
bdawidow(a)redhat.com, bkearney(a)redhat.com,
bmaxwell(a)redhat.com, bmcclain(a)redhat.com,
cbillett(a)redhat.com, cdewolf(a)redhat.com,
chazlett(a)redhat.com, csutherl(a)redhat.com,
dandread(a)redhat.com, darran.lofthouse(a)redhat.com,
dblechte(a)redhat.com, dosoudil(a)redhat.com,
eedri(a)redhat.com, epp-bugs(a)redhat.com,
etirelli(a)redhat.com, felias(a)redhat.com,
fnasser(a)redhat.com, gklein(a)redhat.com,
gvarsami(a)redhat.com, hchiorea(a)redhat.com,
hfnukal(a)redhat.com, huwang(a)redhat.com,
java-sig-commits(a)lists.fedoraproject.org,
jawilson(a)redhat.com, jboss-set(a)redhat.com,
jbpapp-maint(a)redhat.com, jcoleman(a)redhat.com,
jdg-bugs(a)redhat.com, jmatthew(a)redhat.com,
jolee(a)redhat.com, jpallich(a)redhat.com,
jshepherd(a)redhat.com, katello-bugs(a)redhat.com,
kconner(a)redhat.com, kseifried(a)redhat.com,
kverlaen(a)redhat.com, ldimaggi(a)redhat.com,
lgao(a)redhat.com, lpetrovi(a)redhat.com,
lsurette(a)redhat.com, mbaluch(a)redhat.com,
mgoldboi(a)redhat.com, mgoldman(a)redhat.com,
miburman(a)redhat.com, michal.skrivanek(a)redhat.com,
mmccune(a)redhat.com, mweiler(a)redhat.com,
mwinkler(a)redhat.com, myarboro(a)redhat.com,
nwallace(a)redhat.com, ohadlevy(a)redhat.com,
oourfali(a)redhat.com, pavelp(a)redhat.com,
pgier(a)redhat.com, pkliczew(a)redhat.com,
psakar(a)redhat.com, pslavice(a)redhat.com,
puntogil(a)libero.it, rcernich(a)redhat.com,
Rhev-m-bugs(a)redhat.com, rnetuka(a)redhat.com,
rrajasek(a)redhat.com, rsvoboda(a)redhat.com,
rwagner(a)redhat.com, rzhang(a)redhat.com,
satellite6-bugs(a)redhat.com, sherold(a)redhat.com,
soa-p-jira(a)post-office.corp.redhat.com,
spinder(a)redhat.com, tcunning(a)redhat.com,
theute(a)redhat.com, tjay(a)redhat.com, tkirby(a)redhat.com,
tlestach(a)redhat.com, tomckay(a)redhat.com,
tsanders(a)redhat.com, ttarrant(a)redhat.com,
twalsh(a)redhat.com, vhalbert(a)redhat.com,
vtunka(a)redhat.com, weli(a)redhat.com, ydary(a)redhat.com,
ykaul(a)redhat.com
It was found that there was insufficient use of random values in RESTEasy async
jobs. An attacker could use this flaw to steal user data.
https://bugzilla.redhat.com/show_bug.cgi?id=1372124
Chess Hazlett <chazlett(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Whiteboard|impact=moderate,public=20160901,reported=20160829,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=5.4/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N,cwe=CWE-20,eap-7/REST=affected,fedora-all/resteasy=affected,eap-6/RESTEasy=notaffected,eap-5/jbossas=wontfix,bpms-6/Build and Assembly=notaffected,brms-6/Build and Assembly=notaffected,jdg-6/Build=affected,jdv-6/Productization=notaffected,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/SwitchYard=notaffected,fuse-6/SwitchYard=affected,jon-3/REST=wontfix,jpp-6/Requirements=notaffected,rhsso-7/Core=notaffected,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=affected,sam-1/katello=new|impact=moderate,public=20160901,reported=20160829,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=5.4/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N,cwe=CWE-20,eap-7/REST=affected,fedora-all/resteasy=affected,eap-6/RESTEasy=notaffected,eap-5/jbossas=wontfix,bpms-6/Build and Assembly=notaffected,brms-6/Build and Assembly=notaffected,jdg-6/Build=notaffected,jdv-6/Productization=notaffected,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/SwitchYard=notaffected,fuse-6/SwitchYard=affected,jon-3/REST=wontfix,jpp-6/Requirements=notaffected,rhsso-7/Core=notaffected,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=affected,sam-1/katello=new,jdg-7/resteasy=affected
https://bugzilla.redhat.com/show_bug.cgi?id=1559663
Bug ID: 1559663
Summary: xbean-4.7 is available
Product: Fedora
Version: rawhide
Component: xbean
Keywords: FutureFeature, Triaged
Assignee: mizdebsk(a)redhat.com
Reporter: upstream-release-monitoring(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: java-sig-commits(a)lists.fedoraproject.org,
krzysztof.daniel(a)gmail.com, mizdebsk(a)redhat.com,
msimacek(a)redhat.com, sochotni(a)redhat.com
Latest upstream release: 4.7
Current version/release in rawhide: 4.6-1.fc29
URL: http://repo2.maven.org/maven2/org/apache/xbean/xbean/
Please consult the package updates policy before you issue an update to a
stable branch: https://fedoraproject.org/wiki/Updates_Policy
More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring
Please keep in mind that with any upstream change, there may also be packaging
changes that need to be made. Specifically, please remember that it is your
responsibility to review the new version to ensure that the licensing is still
correct and that no non-free or legally problematic items have been added
upstream.
Based on the information from anitya:
https://release-monitoring.org/project/5162/
https://bugzilla.redhat.com/show_bug.cgi?id=1567675
Bug ID: 1567675
Summary: jsoup-1.11.3 is available
Product: Fedora
Version: rawhide
Component: jsoup
Keywords: FutureFeature, Triaged
Assignee: msimacek(a)redhat.com
Reporter: upstream-release-monitoring(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: jaromir.capik(a)email.cz,
java-sig-commits(a)lists.fedoraproject.org,
mizdebsk(a)redhat.com, msimacek(a)redhat.com
Latest upstream release: 1.11.3
Current version/release in rawhide: 1.11.2-2.fc28
URL: http://jsoup.org/download
Please consult the package updates policy before you issue an update to a
stable branch: https://fedoraproject.org/wiki/Updates_Policy
More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring
Please keep in mind that with any upstream change, there may also be packaging
changes that need to be made. Specifically, please remember that it is your
responsibility to review the new version to ensure that the licensing is still
correct and that no non-free or legally problematic items have been added
upstream.
Based on the information from anitya:
https://release-monitoring.org/project/1479/
https://bugzilla.redhat.com/show_bug.cgi?id=1340421
Bug ID: 1340421
Summary: apache-poi-3.15-beta1-20160409 is available
Product: Fedora
Version: rawhide
Component: apache-poi
Assignee: mat.booth(a)redhat.com
Reporter: puntogil(a)libero.it
QA Contact: extras-qa(a)fedoraproject.org
CC: java-sig-commits(a)lists.fedoraproject.org,
mat.booth(a)redhat.com, puntogil(a)libero.it
Latest upstream release: 3.15-beta1-20160409
Current version/release in rawhide: 3.14-1.fc25
URL: http://www.apache.org/dist/poi/dev/src/
http://www.apache.org/dist/poi/release/src
Please consider upgrading.
https://bugzilla.redhat.com/show_bug.cgi?id=1564408
Yasuhiro Ozone <yozone(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |yozone(a)redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1559905
Bug ID: 1559905
Summary: CVE-2018-8881 nasm: Heap overflow in function tokenize
in asm/preproc.c
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: low
Priority: low
Assignee: security-response-team(a)redhat.com
Reporter: lpardo(a)redhat.com
CC: java-sig-commits(a)lists.fedoraproject.org,
mizdebsk(a)redhat.com, msimacek(a)redhat.com
Netwide Assembler (NASM) 2.13.02rc2 has a heap-based buffer over-read in the
function tokenize in asm/preproc.c, related to an unterminated string.
References:
https://bugzilla.nasm.us/show_bug.cgi?id=3392446
Patch:
https://github.com/cyrillos/nasm/commit/3144e84add8b152cc7a71e44617ce6f21da…
https://bugzilla.redhat.com/show_bug.cgi?id=1567720
Sam Fowler <sfowler(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Blocks| |1567719 (CVE-2018-10016)
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1567719
[Bug 1567719] CVE-2018-10016 nasm: Divide-by-zero asm/eval.c:expr5() allows
for crash via crafted file
https://bugzilla.redhat.com/show_bug.cgi?id=1567720
--- Comment #1 from Sam Fowler <sfowler(a)redhat.com> ---
Use the following template for the 'fedpkg update' request to submit an
update for this issue, as it contains the top-level parent bug(s) as well as
this tracking bug. This will ensure that all associated bugs get updated
when new packages are pushed to stable.
=====
# bugfix, security, enhancement, newpackage (required)
type=security
# testing, stable
request=testing
# Bug numbers: 1234,9876
bugs=1567719,1567720
# Description of your update
notes=Security fix for [PUT CVEs HERE]
# Enable request automation based on the stable/unstable karma thresholds
autokarma=True
stable_karma=3
unstable_karma=-3
# Automatically close bugs when this marked as stable
close_bugs=True
# Suggest that users restart after update
suggest_reboot=False
======
Additionally, you may opt to use the bodhi web interface to submit updates:
https://bodhi.fedoraproject.org/updates/new
https://bugzilla.redhat.com/show_bug.cgi?id=1462702
Hooman Broujerdi <hghasemb(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Whiteboard|impact=important,public=20170714,reported=20170616,source=researcher,cvss3=8.1/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,cwe=CWE-20,amq-6/jackson-databind=notaffected,jdg-7/jackson-databind=affected,jdv-6/jackson-databind=affected,eap-7/jackson-databind=affected,bpms-6/jackson-databind=affected,brms-6/jackson-databind=affected,fuse-6/jackson-databind=notaffected,openshift-enterprise-2/jackson-databind=wontfix,rhn_satellite_6/jackson-databind=affected/impact=low,rhmap-4/jackson-databind=notaffected,sam-1/jackson-databind=wontfix,rhev-m-3/jasperreports-server-pro=wontfix,rhev-m-4/eap7-jackson-databind=affected,rhscl-2/rh-eclipse46-jackson-databind=affected,fedora-all/jackson-databind=affected,jon-3/Core Server=notaffected,eap-6/jackson-databind=affected,dts-4/devtoolset-4-jackson-databind=affected,rhscl-3/rh-maven35-jackson-databind=affected,vertx-3/jackson-databind=notaffected,swarm-7/jackson-databind=notaffected|impact=important,public=20170714,reported=20170616,source=researcher,cvss3=8.1/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,cwe=CWE-20,amq-6/jackson-databind=wontfix,jdg-7/jackson-databind=affected,jdv-6/jackson-databind=affected,eap-7/jackson-databind=affected,bpms-6/jackson-databind=affected,brms-6/jackson-databind=affected,fuse-6/jackson-databind=wontfix,openshift-enterprise-2/jackson-databind=wontfix,rhn_satellite_6/jackson-databind=affected/impact=low,rhmap-4/jackson-databind=notaffected,sam-1/jackson-databind=wontfix,rhev-m-3/jasperreports-server-pro=wontfix,rhev-m-4/eap7-jackson-databind=affected,rhscl-2/rh-eclipse46-jackson-databind=affected,fedora-all/jackson-databind=affected,jon-3/Core Server=notaffected,eap-6/jackson-databind=affected,dts-4/devtoolset-4-jackson-databind=affected,rhscl-3/rh-maven35-jackson-databind=affected,vertx-3/jackson-databind=notaffected,swarm-7/jackson-databind=notaffected
--- Comment #56 from Hooman Broujerdi <hghasemb(a)redhat.com> ---
Statement:
Although JBoss Fuse ships the vulnerable version of jackson-databind, it does
not call enableDefaultTyping() for any polymorphic deserialization operations,
which is the root cause of this vulnerability. We have raised a Jira tracker to
ensure that jackson-databind will be upgraded for Fuse 7.0; however, due to
feasibility issues, jackson-databind cannot be upgraded in JBoss Fuse 6.3.
https://bugzilla.redhat.com/show_bug.cgi?id=1566947
Bug ID: 1566947
Summary: jenkins: CLI leaked existence of views and agents with
attacker-specified names to users without Overall/Read
permission (SECURITY-754)
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: low
Priority: low
Assignee: security-response-team(a)redhat.com
Reporter: amaris(a)redhat.com
CC: ahardin(a)redhat.com, bleanhar(a)redhat.com,
ccoleman(a)redhat.com, dedgar(a)redhat.com,
dmcphers(a)redhat.com,
java-sig-commits(a)lists.fedoraproject.org,
jgoulding(a)redhat.com, jokerman(a)redhat.com,
kseifried(a)redhat.com, mchappel(a)redhat.com,
mizdebsk(a)redhat.com, msrb(a)redhat.com
The Jenkins CLI sent different error responses to unauthorized users for commands
with view and agent arguments, depending on whether the specified views or agents
existed. This allowed attackers to determine whether views or agents with specified
names exist.
External References:
https://jenkins.io/security/advisory/2018-04-11/
https://bugzilla.redhat.com/show_bug.cgi?id=1566950
Bug ID: 1566950
Summary: jenkins: Cross-site scripting vulnerability in
confirmation dialogs displaying item names
(SECURITY-759)
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: amaris(a)redhat.com
CC: ahardin(a)redhat.com, bleanhar(a)redhat.com,
ccoleman(a)redhat.com, dedgar(a)redhat.com,
dmcphers(a)redhat.com,
java-sig-commits(a)lists.fedoraproject.org,
jgoulding(a)redhat.com, jokerman(a)redhat.com,
kseifried(a)redhat.com, mchappel(a)redhat.com,
mizdebsk(a)redhat.com, msrb(a)redhat.com
Some JavaScript confirmation dialogs included the item name in an unsafe
manner, resulting in a possible cross-site scripting vulnerability exploitable
by users with permission to create or configure items.
External References:
https://jenkins.io/security/advisory/2018-04-11/
https://bugzilla.redhat.com/show_bug.cgi?id=1565390
Bug ID: 1565390
Summary: maven-jar-plugin-3.1.0 is available
Product: Fedora
Version: rawhide
Component: maven-jar-plugin
Keywords: FutureFeature, Triaged
Assignee: mizdebsk(a)redhat.com
Reporter: upstream-release-monitoring(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: akurtako(a)redhat.com,
java-sig-commits(a)lists.fedoraproject.org,
mizdebsk(a)redhat.com
Latest upstream release: 3.1.0
Current version/release in rawhide: 3.0.2-4.fc27
URL: http://repo2.maven.org/maven2/org/apache/maven/plugins/maven-jar-plugin/
Please consult the package updates policy before you issue an update to a
stable branch: https://fedoraproject.org/wiki/Updates_Policy
More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring
Please keep in mind that with any upstream change, there may also be packaging
changes that need to be made. Specifically, please remember that it is your
responsibility to review the new version to ensure that the licensing is still
correct and that no non-free or legally problematic items have been added
upstream.
Based on the information from anitya:
https://release-monitoring.org/project/1917/
https://bugzilla.redhat.com/show_bug.cgi?id=1510896
Bug ID: 1510896
Summary: Problem to start tomcat with a user whose group has a
name different to the user
Product: Fedora
Version: rawhide
Component: tomcat
Severity: medium
Assignee: ivan.afonichev(a)gmail.com
Reporter: csutherl(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: alee(a)redhat.com, aneelica(a)redhat.com,
csutherl(a)redhat.com, djorm(a)redhat.com,
dknox(a)redhat.com, etienne.carriere(a)finances.gouv.fr,
hajek(a)oakland.edu, ivan.afonichev(a)gmail.com,
java-sig-commits(a)lists.fedoraproject.org,
jclere(a)redhat.com, jonderka(a)redhat.com,
krzysztof.daniel(a)gmail.com, lnovich(a)redhat.com,
luvilla(a)redhat.com, mbabacek(a)redhat.com,
mczernek(a)redhat.com, me(a)coolsvap.net,
mhasko(a)redhat.com, rhatlapa(a)redhat.com,
tfonteyn(a)redhat.com, tomcat-qe(a)redhat.com
Depends On: 1505762, 915447
Blocks: 835616
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=915447
[Bug 915447] Problem to start tomcat with a user whose group has a name
different to the user
https://bugzilla.redhat.com/show_bug.cgi?id=1505762
[Bug 1505762] Problem to start tomcat with a user whose group has a name
different to the user
https://bugzilla.redhat.com/show_bug.cgi?id=1545904
Bug ID: 1545904
Summary: CVE-2018-6356 jenkins: Path traversal allows access to
files outside plugin resources
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: lpardo(a)redhat.com
CC: bleanhar(a)redhat.com, ccoleman(a)redhat.com,
dedgar(a)redhat.com, dmcphers(a)redhat.com,
java-sig-commits(a)lists.fedoraproject.org,
jgoulding(a)redhat.com, jkeck(a)redhat.com,
kseifried(a)redhat.com, mizdebsk(a)redhat.com,
msrb(a)redhat.com
A flaw was found in Jenkins weekly up to and including 2.106 and Jenkins LTS up
to and including 2.89.3. Jenkins did not properly prevent specifying relative
paths that escape a base directory for URLs accessing plugin resource files.
This allowed users with Overall/Read permission to download files from the
Jenkins master they should not have access to.
On Windows, any file accessible to the Jenkins master process could be
downloaded. On other operating systems, any file within the Jenkins home
directory accessible to the Jenkins master process could be downloaded.
References:
https://jenkins.io/security/advisory/2018-02-14/
https://bugzilla.redhat.com/show_bug.cgi?id=1545899
Bug ID: 1545899
Summary: jenkins: Improperly secured form validation for proxy
configuration allows Server-Side Request Forgery
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: low
Priority: low
Assignee: security-response-team(a)redhat.com
Reporter: lpardo(a)redhat.com
CC: bleanhar(a)redhat.com, ccoleman(a)redhat.com,
dedgar(a)redhat.com, dmcphers(a)redhat.com,
java-sig-commits(a)lists.fedoraproject.org,
jgoulding(a)redhat.com, jkeck(a)redhat.com,
kseifried(a)redhat.com, mizdebsk(a)redhat.com,
msrb(a)redhat.com
A flaw was found in Jenkins weekly up to and including 2.106 and Jenkins LTS up
to and including 2.89.3. The form validation for the proxy configuration form
did not check the permission of the user accessing it, allowing anyone with
Overall/Read access to Jenkins to cause Jenkins to send a GET request to a
specified URL, optionally with a specified proxy configuration.
If that request’s HTTP response code indicates success, the form validation is
returning a generic success message, otherwise the HTTP status code is
returned. It was not possible to reuse an existing proxy configuration to send
those requests; that configuration had to be provided by the attacker.
References:
https://jenkins.io/security/advisory/2018-02-14/
https://bugzilla.redhat.com/show_bug.cgi?id=1526596
Bug ID: 1526596
Summary: jenkins: CSRF protection delayed after startup
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: psampaio(a)redhat.com
CC: bleanhar(a)redhat.com, ccoleman(a)redhat.com,
dedgar(a)redhat.com, dmcphers(a)redhat.com,
java-sig-commits(a)lists.fedoraproject.org,
jgoulding(a)redhat.com, jkeck(a)redhat.com,
kseifried(a)redhat.com, mizdebsk(a)redhat.com,
msrb(a)redhat.com
A race condition during Jenkins startup could result in the wrong order of
execution of commands during initialization.
There’s a very short window of time after startup during which Jenkins may no
longer show the "Please wait while Jenkins is getting ready to work" message,
but Cross-Site Request Forgery (CSRF) protection may not yet be effective.
External references:
https://jenkins.io/security/advisory/2017-12-14/
https://bugzilla.redhat.com/show_bug.cgi?id=1561287
Bug ID: 1561287
Summary: CVE-2018-8718 jenkins-plugin-mailer: Missing
permissions check in Mailer.java:doSendTestMail()
allows unauthorised users to send mail
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: sfowler(a)redhat.com
CC: ahardin(a)redhat.com, bleanhar(a)redhat.com,
ccoleman(a)redhat.com, dbaker(a)redhat.com,
dedgar(a)redhat.com,
java-sig-commits(a)lists.fedoraproject.org,
jgoulding(a)redhat.com, jokerman(a)redhat.com,
kseifried(a)redhat.com, mchappel(a)redhat.com,
mizdebsk(a)redhat.com, msrb(a)redhat.com
The Jenkins Mailer Plugin through version 1.20 is missing a permissions check
in the Mailer.java:doSendTestMail() function. Users with Overall/Read access
are able to connect to a user-specified mail server with user-specified
credentials to send a test email to a user-specified email address. The email
subject and body could not be changed. This could result in a DoS, for example
by specifying a valid mail server with invalid credentials.
As the same URL did not require POST, it was also vulnerable to cross-site
request forgery.
Upstream Advisory:
https://jenkins.io/security/advisory/2018-03-26/
Upstream Patch:
https://github.com/jenkinsci/mailer-plugin/commit/98e79cf904769907f83894e29…
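The proxy-configuration form validation in bug 1545899 and the Mailer test-mail endpoint in bug 1561287 above share one shape: a web method that does network work on the caller's behalf, reachable with GET, without checking who the caller is. The Java below is an added example written for this digest, not code from Jenkins, the Mailer plugin or Red Hat. ProbeEndpoints and its method names are hypothetical; FormValidation, @QueryParameter, @RequirePOST and Jenkins.get().checkPermission(Jenkins.ADMINISTER) are the standard Jenkins core and Stapler API (Jenkins.getInstance() on cores older than 2.98).

```java
import hudson.util.FormValidation;
import jenkins.model.Jenkins;
import org.kohsuke.stapler.QueryParameter;
import org.kohsuke.stapler.interceptor.RequirePOST;

import java.io.IOException;
import java.net.HttpURLConnection;
import java.net.URL;

/** Hypothetical descriptor web methods; shape only, not the actual Jenkins or Mailer code. */
public class ProbeEndpoints {

    /**
     * VULNERABLE shape, kept for contrast. Stapler exposes this as
     * GET .../checkProbeUrlUnsafe?url=..., so any Overall/Read user (or, through CSRF,
     * any page a logged-in user visits) can make the controller fetch a URL of their choice.
     */
    public FormValidation doCheckProbeUrlUnsafe(@QueryParameter String url) throws IOException {
        return probe(url);
    }

    /**
     * HARDENED. Two additions: the caller must hold Administer (checkPermission throws an
     * AccessDeniedException otherwise), and the method only answers POST, which is the
     * request class that Jenkins' CSRF crumb protection covers.
     */
    @RequirePOST
    public FormValidation doCheckProbeUrl(@QueryParameter String url) throws IOException {
        Jenkins.get().checkPermission(Jenkins.ADMINISTER);
        return probe(url);
    }

    /** Mirrors the advisory text: a generic success message on 2xx, otherwise the status code. */
    private static FormValidation probe(String url) throws IOException {
        HttpURLConnection c = (HttpURLConnection) new URL(url).openConnection();
        c.setRequestMethod("GET");
        c.setConnectTimeout(5_000);
        c.setReadTimeout(5_000);
        int code = c.getResponseCode();
        c.disconnect();
        return (code >= 200 && code < 300)
                ? FormValidation.ok("Success")
                : FormValidation.error("HTTP " + code);
    }
}
```

The Mailer endpoint gets the same two additions before it opens any connection with the user-supplied server and credentials. Note that the two fixes are not interchangeable: @RequirePOST alone closes the CSRF vector but leaves the SSRF and DoS primitive open to every authenticated Overall/Read user, and a permission check alone leaves an administrator's browser open to CSRF.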
https://bugzilla.redhat.com/show_bug.cgi?id=1522902
Bug ID: 1522902
Summary: jenkins: Stored XSS vulnerability in tool names
exploitable by administrators (SECURITY-624)
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: amaris(a)redhat.com
CC: bleanhar(a)redhat.com, ccoleman(a)redhat.com,
dedgar(a)redhat.com, dmcphers(a)redhat.com,
java-sig-commits(a)lists.fedoraproject.org,
jgoulding(a)redhat.com, jkeck(a)redhat.com,
kseifried(a)redhat.com, mizdebsk(a)redhat.com,
msrb(a)redhat.com
Jenkins administrators can configure tools, such as JDK, Maven, or Ant, that
will be available in job configurations for use by build scripts.
Some tool names are not properly escaped on job configuration forms, resulting
in a stored cross-site scripting vulnerability.
Tools confirmed to be affected are:
JDK (provided by Jenkins core)
Ant (provided by Ant plugin)
Others may also be affected by this.
This vulnerability can only be exploited by Jenkins administrators, as they’re
the only ones able to define tools. In the vast majority of Jenkins
configurations, administrators are able to run any code and install any plugin.
Therefore this vulnerability only really affects installations that don’t grant
administrators the Run Scripts, Configure Update Sites, and Install Plugins
permissions.
The Jenkins project has prepared a plugin preventing the configuration of
unsafe tool names at https://github.com/jenkinsci-cert/security624 as a
workaround.
External References:
https://jenkins.io/security/advisory/2017-12-05/
https://bugzilla.redhat.com/show_bug.cgi?id=1538332
Kurt Seifried <kseifried(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Depends On| |1565285
https://bugzilla.redhat.com/show_bug.cgi?id=1549276
kat <kbost(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |kbost(a)redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1564408
Andrej Nemec <anemec(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Blocks| |1564412
https://bugzilla.redhat.com/show_bug.cgi?id=1564408
Andrej Nemec <anemec(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Depends On| |1564409
--- Comment #1 from Andrej Nemec <anemec(a)redhat.com> ---
Created springframework tracking bugs for this issue:
Affects: fedora-all [bug 1564409]
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1564409
[Bug 1564409] CVE-2018-1270 CVE-2018-1272 springframework: various flaws
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1564364
Bug ID: 1564364
Summary: CVE-2018-1315 hive: 'COPY FROM FTP' feature allows
malicious FTP server to write arbitrary files to the
cluster
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: sfowler(a)redhat.com
CC: extras-orphan(a)fedoraproject.org, hghasemb(a)redhat.com,
java-sig-commits(a)lists.fedoraproject.org,
me(a)coolsvap.net, moceap(a)hotmail.com,
pmackinn(a)redhat.com
Blocks: 1564360
Apache Hive through version 2.3.2 has a vulnerability in the 'COPY FROM FTP'
feature. When a 'COPY FROM FTP' statement is run using the HPL/SQL extension to
Hive, a compromised or malicious FTP server can cause the file to be written to an
arbitrary location on the cluster where the command is run from, because the FTP
client code in HPL/SQL does not verify the destination location of the downloaded
file. This does not affect the hive CLI or hiveserver2 users, as hplsql is a
separate command line script and needs to be invoked differently.
External References:
https://lists.apache.org/thread.html/d5da94ef60312c01a8d2348466680d1b5fb707…
Upstream Issue:
https://issues.apache.org/jira/browse/HIVE-18815
Upstream Patches:
https://issues.apache.org/jira/secure/attachment/12912330/HIVE-18815.1.patch
https://issues.apache.org/jira/secure/attachment/12912689/HIVE-18815.1-bran…
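The Jenkins plugin-resource issue (CVE-2018-6356, bug 1545904 above) and the Hive HPL/SQL FTP issue (CVE-2018-1315) come down to the same omission: opening a path that the client or the remote server chose, without confirming it stays under the intended directory. The Java below is an added example written for this digest, not Jenkins, Hive or Red Hat code; ContainedPath and resolveInside are hypothetical names, and the sandbox directory and file names in main are constructed.

```java
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;

public final class ContainedPath {

    /**
     * Resolve an untrusted file name against base and return it only if the result stays
     * inside base both lexically (after normalising ".." segments) and physically (after
     * following symlinks). Absolute inputs, including Windows drive and UNC paths, replace
     * base during resolve() and therefore fail the first check on every platform.
     */
    public static Path resolveInside(Path base, String untrusted) throws IOException {
        Path baseReal = base.toRealPath();                       // base must already exist
        Path candidate = baseReal.resolve(untrusted).normalize();
        if (!candidate.startsWith(baseReal)) {
            throw new IOException("escapes base directory: " + untrusted);
        }
        // A symlink inside base can still point outside it. For a target that does not
        // exist yet (a file about to be downloaded) check the nearest existing ancestor.
        Path existing = candidate;
        while (!Files.exists(existing)) {
            existing = existing.getParent();                     // reaches baseReal at worst
        }
        if (!existing.toRealPath().startsWith(baseReal)) {
            throw new IOException("symlink escapes base directory: " + untrusted);
        }
        return candidate;
    }

    public static void main(String[] args) throws IOException {
        // Constructed sandbox: a temporary "resources" directory holding one real file.
        Path base = Files.createTempDirectory("plugin-resources");
        Files.write(base.resolve("icon.png"), "not really a png".getBytes(StandardCharsets.UTF_8));

        // Constructed inputs: what a URL path segment or an FTP server's file name might carry.
        String[] inputs = {
            "icon.png",                 // plain file under base
            "sub/dir/new-download.bin", // does not exist yet, still under base
            "../../etc/passwd",         // classic traversal
            "sub/../../outside.txt",    // traversal hidden behind a benign prefix
            "/etc/passwd",              // absolute path replaces base in resolve()
        };
        for (String in : inputs) {
            try {
                System.out.println("allowed: " + resolveInside(base, in));
            } catch (IOException e) {
                System.out.println("blocked: " + e.getMessage());
            }
        }
    }
}
```

For the HPL/SQL case the name the FTP server reports is what goes through resolveInside(targetDir, name) before any output stream is opened; for the Jenkins case it is the remainder of the URL after the plugin's resource prefix. The sample set includes an absolute path because Path.resolve() discards base when its operand is absolute, on Windows as on POSIX, which is why a test for ".." alone is not a sufficient check.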