[Bug 1177819] New: Failed at step NO_NEW_PRIVILEGES spawning /usr/sbin/amavisd: Invalid argument
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1177819
Bug ID: 1177819
Summary: Failed at step NO_NEW_PRIVILEGES spawning
/usr/sbin/amavisd: Invalid argument
Product: Fedora EPEL
Version: epel7
Component: amavisd-new
Assignee: juan.orti(a)miceliux.com
Reporter: pb(a)bieringer.de
QA Contact: extras-qa(a)fedoraproject.org
CC: janfrode(a)tanso.net, juan.orti(a)miceliux.com,
perl-devel(a)lists.fedoraproject.org, steve(a)silug.org,
vanmeeuwen+fedora(a)kolabsys.com
Description of problem:
Can't start amavisd on a fresh installed CentOS-7
Version-Release number of selected component (if applicable):
clamav-filesystem-0.98.5-1.el7.noarch
clamav-update-0.98.5-1.el7.x86_64
clamav-data-0.98.5-1.el7.noarch
clamav-0.98.5-1.el7.x86_64
clamav-server-systemd-0.98.5-1.el7.noarch
clamav-lib-0.98.5-1.el7.x86_64
clamav-server-0.98.5-1.el7.x86_64
amavisd-new-2.9.1-5.el7.noarch
How reproducible:
Always
Steps to Reproduce:
# service amavisd start
Redirecting to /bin/systemctl start amavisd.service
Job for amavisd.service failed. See 'systemctl status amavisd.service' and
'journalctl -xn' for details.
Actual results:
- clamd started by amavisd
- amavisd won't start
Dez 30 17:43:14 *** clamd[5375]: Bytecode: Security mode set to "TrustSigned".
Dez 30 17:43:14 *** amavisd[5380]: Failed at step NO_NEW_PRIVILEGES spawning
/usr/sbin/amavisd: Invalid argument
Dez 30 17:43:15 *** amavisd[5384]: Failed at step NO_NEW_PRIVILEGES spawning
/usr/sbin/amavisd: Invalid argument
Dez 30 17:43:15 *** amavisd[5388]: Failed at step NO_NEW_PRIVILEGES spawning
/usr/sbin/amavisd: Invalid argument
Dez 30 17:43:15 *** amavisd[5392]: Failed at step NO_NEW_PRIVILEGES spawning
/usr/sbin/amavisd: Invalid argument
Dez 30 17:43:28 *** clamd[5375]: Loaded 3717589 signatures.
Expected results:
Proper starting of amavisd
Additional info:
amavisd will start in it's own shell on manual start
# su - amavis -s /bin/bash
$ /usr/sbin/amavisd -c /etc/amavisd/amavisd.conf
Dez 30 17:45:51 *** amavis[5424]: starting. /usr/sbin/amavisd at ***
amavisd-new-2.9.1 (20140627), Unicode aware, LC_ALL="de_DE.utf8", ...e_DE.utf8"
Dez 30 17:45:52 *** amavis[5425]: Net::Server: Group Not Defined. Defaulting
to EGID '997 997'
Dez 30 17:45:52 *** amavis[5425]: Net::Server: User Not Defined. Defaulting to
EUID '997'
Dez 30 17:45:52 *** amavis[5425]: Module Amavis::Conf 2.321
...
Dez 30 17:45:52 *** amavis[5425]: Using primary internal av scanner code for
ClamAV-clamd
Dez 30 17:45:52 *** amavis[5425]: Found secondary av scanner ClamAV-clamscan at
/usr/bin/clamscan
Dez 30 17:45:52 *** amavis[5425]: Deleting db files
__db.002,__db.001,snmp.db,nanny.db,__db.003 in /var/spool/amavisd/db
Dez 30 17:45:52 *** amavis[5425]: Creating db in /var/spool/amavisd/db/;
BerkeleyDB 0.51, libdb 5.3
# getent passwd amavis
amavis:x:997:997:User for amavisd-new:/var/spool/amavisd:/sbin/nologin
# getent group amavis
amavis:x:997:
Looks like the problem is somehown known but no proper solution found so far:
http://www.administrator.de/content/print.php?id=257717
Any hints, e.g. how to simulate systemd NoNewPrivileges=true in a shell and
check e.g. with strace
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=S3bcCflunQ&a=cc_unsubscribe
8 years, 4 months
[Bug 1046006] New: Slicing a .stl file fails if multiple threads are configured
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1046006
Bug ID: 1046006
Summary: Slicing a .stl file fails if multiple threads are
configured
Product: Fedora
Version: 20
Component: slic3r
Severity: high
Assignee: mhroncok(a)redhat.com
Reporter: neil(a)darlow.co.uk
QA Contact: extras-qa(a)fedoraproject.org
CC: mhroncok(a)redhat.com,
perl-devel(a)lists.fedoraproject.org
Description of problem:
If 2 (the default) or higher is selected in Print Settings|Advanced|Threads an
error is reported and slicing fails.
Version-Release number of selected component (if applicable):
slic3r-1.0.0-0.2.RC1.fc20.x86_64
How reproducible:
Every time
Steps to Reproduce:
1. Attempt to slice a .stl file with default settings
2. Observe error and slicing failure
Actual results:
Can't locate package GLUquadricObjPtr for @OpenGL::Quad::ISA at
/usr/share/perl5/vendor_perl/Slic3r.pm line 111.
Expected results:
Slicing should be performed without error.
Additional info:
Reducing the Threads value to 1 permits slicing to be performed.
I have reported this upstream as Issue #1636 at
https://github.com/alexrj/Slic3r
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=PDOy8kmGQD&a=cc_unsubscribe
8 years, 4 months
[Bug 1006931] New: perl-Filesys-SmbClient missing flag compatibility with samba4
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1006931
Bug ID: 1006931
Summary: perl-Filesys-SmbClient missing flag compatibility with
samba4
Product: Fedora
Version: 18
Component: perl-Filesys-SmbClient
Severity: medium
Assignee: fedorapkg(a)rule.lv
Reporter: aebenjam(a)opentext.com
QA Contact: extras-qa(a)fedoraproject.org
CC: fedorapkg(a)rule.lv, perl-devel(a)lists.fedoraproject.org
Description of problem:
Unable to use kerberos via Filesys::SmbClient
Version-Release number of selected component (if applicable):
Filesys-SmbClient-3.2
How reproducible:
Create a new Filesys::SmbClient in perl with the option
flags => SMB_CTX_FLAG_USE_KERBEROS
Does not invoke the use of KERBEROS.
Furthermore, making the perl module manually reveals the missing option, and
the code in the header file notes the new mechanism by which kerberos is
enabled. Note that, when using the provided rpm, the invocation fails silently
back to password - which runs the risk of locking your account out as the
password is not likely provided.
Steps to Reproduce:
my $smb = new Filesys::SmbClient(
username => "user",
password => "", # working, via kerberos
workgroup => "DOMAIN",
flags => SMB_CTX_FLAG_USE_KERBEROS,
debug => 10);
Actual results:
Attempts password based login.
Expected results:
Uses existing kerberos credentials.
Additional info:
See /usr/include/samba-4.0/libsmbclient.h for new method of management.
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=UG4DnM5BZ8&a=cc_unsubscribe
8 years, 4 months
[Bug 997645] New: gtk colored buttons
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=997645
Bug ID: 997645
Summary: gtk colored buttons
Product: Fedora
Version: 18
Component: perl-Gtk2
Assignee: tcallawa(a)redhat.com
Reporter: aebenjam(a)opentext.com
QA Contact: extras-qa(a)fedoraproject.org
CC: perl-devel(a)lists.fedoraproject.org,
tcallawa(a)redhat.com
Description of problem: perl-gtk2 applications that set the background color
for buttons aren't producing colored output.
Version-Release number of selected component (if applicable):
perl-Gtk2-1.247-1.fc18.x86_64
How reproducible:
Create a trivial perl-gtk application with a coloured button.
Steps to Reproduce:
1. see below for code example to run
Actual results:
Button is created, but no colour.
Expected results:
Coloured button. (Red.)
Additional info:
Note: this worked as expected in Fedora 17. (perl-Gtk2-1.241-2.fc17.i686)
Sample colored button code:
#!/bin/perl
use Gtk2 qw/-init/;
my $window = Gtk2::Window->new;
$window->set_title("Window!");
my $button = Gtk2::Button->new("Coloured _button");
# does not affect text
$button->modify_bg(normal => Gtk2::Gdk::Color->new(0xffff, 0, 0));
$window->add($button);
$window->show_all;
Gtk2->main;
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=oIE2F6zBK1&a=cc_unsubscribe
8 years, 4 months
[Bug 1094440] New: perl-libwww-perl: incorrect handling of SSL certificate verification
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1094440
Bug ID: 1094440
Summary: perl-libwww-perl: incorrect handling of SSL
certificate verification
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: high
Priority: high
Assignee: security-response-team(a)redhat.com
Reporter: vdanen(a)redhat.com
CC: jkurik(a)redhat.com, mmaslano(a)redhat.com,
perl-devel(a)lists.fedoraproject.org,
perl-maint-list(a)redhat.com, ppisar(a)redhat.com,
psabata(a)redhat.com
It was reported [1] that libwww-perl (LWP), when using IO::Socket::SSL (the
default) and when the HTTPS_CA_DIR or HTTPS_CA_FILE environment variables were
set, would disable server certificate verification. Judging by the commit [2],
the intention was to disable only hostname verification for compatibility with
Crypt::SSLeay, but the resultant effect is that SSL_verify_mode is set to 0.
This code was introduced in LWP::Protocol::https in version 6.04, so earlier
versions are not vulnerable.
Potential patches [3],[4] are being discussed upstream [5].
[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=746579
[2]
https://github.com/dagolden/lwp-protocol-https/commit/bcc46ce2dab53d2e2ba...
[3]
https://github.com/noxxi/lwp-protocol-https/commit/1b924708663f457a4f7c25...
[4]
https://github.com/noxxi/lwp-protocol-https/commit/6b5c876de80451ee54de5d...
[5] https://github.com/libwww-perl/lwp-protocol-https/pull/14
Statement:
This issue did not affect the versions of perl-libwww-perl as shipped with Red
Hat Enterprise Linux 5 and 6.
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=6oOhABRd7w&a=cc_unsubscribe
8 years, 5 months
[Bug 430177] New: clamd.d/amavisd.conf configuration directives require boolean arguments
by Red Hat Bugzilla
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/show_bug.cgi?id=430177
Summary: clamd.d/amavisd.conf configuration directives require
boolean arguments
Product: Fedora EPEL
Version: el5
Platform: All
OS/Version: Linux
Status: NEW
Severity: low
Priority: low
Component: amavisd-new
AssignedTo: steve(a)silug.org
ReportedBy: rayvd(a)bludgeon.org
QAContact: extras-qa(a)fedoraproject.org
CC: fedora-perl-devel-list(a)redhat.com
After installing amavisd-new-2.4.5-1.el5 from epel-testing I get the following
when running service clamd.amavisd start:
# service clamd.amavisd start
Starting clamd.amavisd: ERROR: Parse error at line 2: Option LogSyslog requires
boolean argument.
ERROR: Can't open/parse the config file /etc/clamd.d/amavisd.conf
[FAILED]
Turns out FixStaleSocket also requires a boolean argument.
I appended a 'yes' to both of these configuration directives and everything is
working fine now.
This is in tandem with clamav-server-0.92-4.1.el5 from epel.
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
8 years, 5 months
[Bug 1169369] New: CVE-2014-9130 libyaml: assert failure when processing wrapped strings
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1169369
Bug ID: 1169369
Summary: CVE-2014-9130 libyaml: assert failure when processing
wrapped strings
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: mprpic(a)redhat.com
CC: abaron(a)redhat.com, aortega(a)redhat.com,
apatters(a)redhat.com, apevec(a)redhat.com,
ayoung(a)redhat.com, bhu(a)redhat.com,
bkearney(a)redhat.com, bleanhar(a)redhat.com,
cbillett(a)redhat.com, ccoleman(a)redhat.com,
chrisw(a)redhat.com, cpelland(a)redhat.com,
cperry(a)redhat.com, dajohnso(a)redhat.com,
dallan(a)redhat.com, dclarizi(a)redhat.com,
dmcphers(a)redhat.com, esammons(a)redhat.com,
gkotton(a)redhat.com, gmccullo(a)redhat.com,
iboverma(a)redhat.com, jdetiber(a)redhat.com,
jeckersb(a)redhat.com, jhardy(a)redhat.com,
jialiu(a)redhat.com, jkeck(a)redhat.com,
jmatthew(a)redhat.com, joelsmith(a)redhat.com,
jokerman(a)redhat.com, jorton(a)redhat.com,
jplesnik(a)redhat.com, jprause(a)redhat.com,
jrafanie(a)redhat.com, jross(a)redhat.com,
jvlcek(a)redhat.com, katello-bugs(a)redhat.com,
kseifried(a)redhat.com, lhh(a)redhat.com,
lmeyer(a)redhat.com, lpeer(a)redhat.com,
markmc(a)redhat.com, matt(a)redhat.com, mburns(a)redhat.com,
mcressma(a)redhat.com, mmaslano(a)redhat.com,
mmccomas(a)redhat.com, mmccune(a)redhat.com,
mmcgrath(a)redhat.com, mmraka(a)redhat.com,
mrg-program-list(a)redhat.com, obarenbo(a)redhat.com,
paul(a)city-fan.org, perl-devel(a)lists.fedoraproject.org,
pmyers(a)redhat.com, rbryant(a)redhat.com,
rhos-maint(a)redhat.com, sclewis(a)redhat.com,
taw(a)redhat.com, tjay(a)redhat.com, tomckay(a)redhat.com,
tremble(a)tremble.org.uk, tsanders(a)redhat.com,
williams(a)redhat.com, xlecauch(a)redhat.com,
yeylon(a)redhat.com
An assertion failure was found in the way the libyaml library parsed wrapped
strings. An attacker able to load specially crafted YAML input into an
application using libyaml could cause the application to crash.
This issue was reported upstream at [1]; a patch that fixes this issue is
available at [2].
[1]
https://bitbucket.org/xi/libyaml/issue/10/wrapped-strings-cause-assert-fa...
[2]
https://github.com/yaml/libyaml/commit/e6aa721cc0e5a48f408c52355559fd3678...
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=qABK91j78H&a=cc_unsubscribe
8 years, 5 months