https://bugzilla.redhat.com/show_bug.cgi?id=874942
Bug ID: 874942
QA Contact: extras-qa(a)fedoraproject.org
Severity: high
External Bug URL: http://rt.cpan.org/Public/
Version: rawhide
Priority: unspecified
CC: mmaslano(a)redhat.com,
perl-devel(a)lists.fedoraproject.org, psabata(a)redhat.com
Assignee: mmaslano(a)redhat.com
Summary: Net-DNS: system configuration is used instead of
user's
Regression: ---
Story Points: ---
Classification: Fedora
OS: Unspecified
Reporter: mmaslano(a)redhat.com
Type: Bug
Documentation: ---
Hardware: Unspecified
Mount Type: ---
Status: NEW
Component: perl-Net-DNS
Product: Fedora
External Bug ID: CPAN 67602
If I define my own configuration file, system files are used, which could be
security issue. Example: My configuration file is defined as: my $res =
Net::DNS::Resolver->new(config_file => '/my/dns.conf'); These files are read
even if I defined my own file: /etc/resolv.conf $HOME/.resolv.conf
./.resolv.conf Last 2 files shouldn't be read by default since it's possible
security issue - user can drop .resolv.conf pointing to malicious dns server.
This issue was found during testing spamassassin with selinux. For details see:
https://bugzilla.redhat.com/sh ow_bug.cgi?id=628866#c2
I'm reporting this error back into our bugzilla because of last comment in rt:
I think the level of this PR should be elevated to 'security'.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=831716
Bug ID: 831716
QA Contact: extras-qa(a)fedoraproject.org
Severity: high
Version: 17
Priority: unspecified
CC: emmanuel.seyman(a)club-internet.fr,
perl-devel(a)lists.fedoraproject.org
Assignee: emmanuel.seyman(a)club-internet.fr
Summary: Moving legacy code out of perl-JSON-RPC breaks
Bugzilla
Regression: ---
Story Points: ---
Classification: Fedora
OS: Linux
Reporter: lpsolit(a)netscape.net
Type: Bug
Documentation: ---
Hardware: All
Mount Type: ---
Status: NEW
Component: perl-JSON-RPC
Product: Fedora
Bugzilla still uses legacy code from JSON::RPC and despite the perl-JSON-RPC
package is installed, which makes checksetup.pl happy, the JSON-RPC feature of
Bugzilla fails because it cannot find the legacy code. This also prevents
Apache from starting when mod_perl is enabled:
httpd[1938]: Can't locate JSON/RPC/Legacy/Server/CGI.pm in @INC
So the legacy code is still required by Bugzilla, and checksetup.pl and
Bugzilla re confused by this package split.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1054061
Bug ID: 1054061
Summary: Segfault in Perl_gv_fetchpvn_flags when trying to
initialize back_perl openldap backend
Product: Red Hat Enterprise Linux 7
Version: 7.0
Component: perl
Assignee: perl-maint-list(a)redhat.com
Reporter: jsynacek(a)redhat.com
QA Contact: qe-baseos-apps(a)redhat.com
CC: cweyl(a)alumni.drew.edu, hyc(a)symas.com,
iarnell(a)gmail.com, jplesnik(a)redhat.com, kasal(a)ucw.cz,
lkundrak(a)v3.sk, mmaslano(a)redhat.com,
perl-devel(a)lists.fedoraproject.org, ppisar(a)redhat.com,
psabata(a)redhat.com, rc040203(a)freenet.de,
tcallawa(a)redhat.com
Depends On: 967719
Group: devel
External Bug ID: OpenLDAP ITS 7573
+++ This bug was initially created as a clone of Bug #967719 +++
Description of problem:
When trying to initialize back_perl, a segfault occurs deep in perl itself.
Version-Release number of selected component (if applicable):
perl-5.16.3-264.fc19.x86_64
openldap-2.4.35-4.fc19.x86_64
How reproducible:
Almost always.
Steps to Reproduce:
1. Install fresh F19
2. If you try the reproducer here, all goes well
3. yum install perl-A* (I have no idea why I needed to do this to get it to
segfault)
4. Try reproducer
5. Observe the segfault
6. From now on, reproducer works *without* producing any segfaults. I had to
reboot the machine to be able to reproduce the issue again.
Note on how to use the reproducer:
1. Unpack
2. Run go.sh (warning: it will wipe your /var/lib/ldap/* and your
/etc/openldap/*, so don't run if you use openldap in production)
This will run slapd in debug mode, so you will need another console to run
the rest.
3. Run try.sh
4. If you want to repeat, go to 2.
You can modify go.sh to run slapd through a debugger. However, you will
probably need to set LD_PRELOAD=/usr/lib64/perl5/CORE/libperl.so to be able to
run try.sh.
Actual results:
Perl segfaults.
Expected results:
The back_perl gets initialized without any problems.
Additional info:
This also happens on my production F18, but it happens always. It looks like it
might have something to do with Bug 960048.
--- Additional comment from Jan Synacek on 2013-05-28 08:53:11 CEST ---
Note that in the frame #3, the my_perl variable changes from a (probably valid)
pointer to 0x0.
--- Additional comment from Petr Pisar on 2013-07-03 14:38:09 CEST ---
What's expected output on the client site?
I have patched perl so that it links all XS modules to libperl.so explicitly in
my private F20 machine, and I do not get any segfaults. Instead I just get an
error message from the second command:
$ sh try.sh
SASL/EXTERNAL authentication started
SASL username: gidNumber=500+uidNumber=500,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry "cn=module,cn=config"
ldap_add: Insufficient access (50)
SASL/EXTERNAL authentication started
SASL username: gidNumber=500+uidNumber=500,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry "olcDatabase=perl,cn=config"
ldap_add: Invalid syntax (21)
additional info: objectClass: value #1 invalid per syntax
I guess this is how to should work.
If this is the real fix, than this issue will be fixed in F20.
--- Additional comment from Jan Synacek on 2013-07-03 14:57:38 CEST ---
All LDAP operations should succeed without any errors. You don't have
sufficient access rights to modify the LDAP database. Running the script as
root should do it.
You should see something like this:
# ./try.sh
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry "cn=module,cn=config"
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry "olcDatabase=perl,cn=config"
ldap_result: Can't contact LDAP server (-1)
The last line indicates the termination (you can see that slapd segfaulted in
the console where you ran go.sh). Expected output would look like the one above
minus the 'ldap_result: ...' line. Plus there may be one additional 'adding new
entry' line.
--- Additional comment from Petr Pisar on 2013-07-03 16:07:01 CEST ---
I run it as a non-root. I get much better results as a root:
# ./try.sh
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry "cn=module,cn=config"
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry "olcDatabase=perl,cn=config"
adding new entry "dc=perl-example,dc=com"
However the server sometimes segfaults as you reported.
--- Additional comment from Jan Synacek on 2013-07-04 07:54:23 CEST ---
(In reply to Petr Pisar from comment #4)
> I run it as a non-root. I get much better results as a root:
Yes, that's how the output is supposed to look.
> However the server sometimes segfaults as you reported.
Ok, it's strange that it segfaults only sometimes. Does this mean that you can
reproduce it even with all the perl modules linked to libperl.so explicitly?
--- Additional comment from Petr Pisar on 2013-07-04 09:07:56 CEST ---
I recompiled only modules in perl binary package and openldap for the test. Not
yet all modules that exist. I also reverted the RTLD_GLOBAL patch and checked
slapd does not crashes on linkage error. So the test does not use any
not-yet-rebuild modules.
I conclude this issue is independent on the linking bug #960048. But we will
see more after rebuilding everything.
--- Additional comment from Fedora Admin XMLRPC Client on 2013-08-12 13:50:07
CEST ---
This package has changed ownership in the Fedora Package Database. Reassigning
to the new owner of this component.
--- Additional comment from Howard Chu on 2013-10-13 02:20:16 CEST ---
Please also followup to OpenLDAP ITS#7573 with any conclusions you reach,
thanks.
--- Additional comment from Jan Synacek on 2013-10-16 08:13:38 CEST ---
This problem still occurs in F20.
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=967719
[Bug 967719] Segfault in Perl_gv_fetchpvn_flags when trying to initialize
back_perl openldap backend
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=RTtoq7IB5n&a=cc_unsubscribe
https://bugzilla.redhat.com/show_bug.cgi?id=1178357
Bug ID: 1178357
Summary: mojomojo-1.11 is available
Product: Fedora
Version: rawhide
Component: mojomojo
Keywords: FutureFeature, Triaged
Assignee: extras-orphan(a)fedoraproject.org
Reporter: upstream-release-monitoring(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: extras-orphan(a)fedoraproject.org, iarnell(a)gmail.com,
perl-devel(a)lists.fedoraproject.org
Latest upstream release: 1.11
Current version/release in Fedora Rawhide: 1.10-6.fc22
URL: http://search.cpan.org/dist/MojoMojo/
Please consult the package updates policy before you issue an update to a
stable branch: https://fedoraproject.org/wiki/Updates_Policy
More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring Soon this service
will be implemented by a new system: https://release-monitoring.org/
It will require to manage monitored projects via a new web interface. Please
make yourself familiar with the new system to ease the transition.
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=CS8rbtxkSS&a=cc_unsubscribe
https://bugzilla.redhat.com/show_bug.cgi?id=1216928
Bug ID: 1216928
Summary: Wrong license declaration
Product: Fedora
Version: rawhide
Component: perl-Net-DNS-SEC
Assignee: wjhns174(a)hardakers.net
Reporter: ppisar(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: perl-devel(a)lists.fedoraproject.org,
pwouters(a)redhat.com, wjhns174(a)hardakers.net
perl-Net-DNS-SEC-0.22-1.fc23 declares the license as "GPL+ or Artistic".
However, there are many files covered by MIT license. For example SEC.pm:
=head1 LICENSE
Permission to use, copy, modify, and distribute this software and its
documentation for any purpose and without fee is hereby granted, provided
that the above copyright notice appear in all copies and that both that
copyright notice and this permission notice appear in supporting
documentation, and that the name of the author not be used in advertising
or publicity pertaining to distribution of the software without specific
prior written permission.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
DEALINGS IN THE SOFTWARE.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1139141
Bug ID: 1139141
Summary: perl-Dumbbench-BoxPlot does not support ARM
Product: Fedora
Version: rawhide
Component: perl-SOOT
Assignee: ppisar(a)redhat.com
Reporter: ppisar(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: extras-qa(a)fedoraproject.org,
perl-devel(a)lists.fedoraproject.org, ppisar(a)redhat.com
Depends On: 994894
Blocks: 485251 (F-ExcludeArch-ARM)
+++ This bug was initially created as a clone of Bug #994894 +++
perl-Soot requires root which does not support ARM (bug #991031). perl-Soot
will be disabled on ARM.
--- Additional comment from Petr Pisar on 2013-08-08 08:54:26 GMT ---
ARM support disabled in perl-SOOT-0.17-3.fc20.
---
perl-Dumbbench-BoxPlot run-requires perl-SOOT which is not available on ARM.
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=485251
[Bug 485251] ExcludeArch Tracker for ARM
https://bugzilla.redhat.com/show_bug.cgi?id=994894
[Bug 994894] perl-Soot does not support ARM
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=ShoZg0yQnv&a=cc_unsubscribe
https://bugzilla.redhat.com/show_bug.cgi?id=994894
Bug ID: 994894
Summary: perl-Soot does not support ARM
Product: Fedora
Version: rawhide
Component: perl-SOOT
Assignee: ppisar(a)redhat.com
Reporter: ppisar(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: perl-devel(a)lists.fedoraproject.org, ppisar(a)redhat.com
Depends On: 991031
Blocks: 485251 (F-ExcludeArch-ARM)
perl-Soot requires root which does not support ARM (bug #991031). perl-Soot
will be disabled on ARM.
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=CKPzevCLAa&a=cc_unsubscribe
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
Summary: FTBFS: big endian bug in self checks
https://bugzilla.redhat.com/show_bug.cgi?id=808197
Summary: FTBFS: big endian bug in self checks
Product: Fedora
Version: 17
Platform: powerpc
OS/Version: Linux
Status: NEW
Severity: high
Priority: medium
Component: perl-Socket-Netlink
AssignedTo: bochecha(a)fedoraproject.org
ReportedBy: karsten(a)redhat.com
QAContact: extras-qa(a)fedoraproject.org
CC: fedora-perl-devel-list(a)redhat.com,
bochecha(a)fedoraproject.org
Classification: Fedora
Story Points: ---
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Description of problem:
perl-Socket-Netlink fails to build on PPC as two of the self checks fail, one
of them looks like a big endian bug as the result has a swapped bit:
t/12netlink-message-header.t ..... ok
# Failed test '$message->attrs after unpack'
# at t/13netlink-message-attrs.t line 98.
# Structures begin differing at:
# $got->{str} = ''
# $expected->{str} = 'FGH'
# Looks like you failed 1 test of 14.
t/13netlink-message-attrs.t ......
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/14 subtests
t/14netlink-message-error.t ...... ok
# Failed test '$message->pack'
# at t/20io-socket-netlink-generic.t line 55.
# at bytes 0-0xf (0-15)
# got: | 00 00 00 14 00 1e 00 00 00 00 00 00 00 00 00 00 |................|
# exp: | 00 00 00 14 00 00 00 1e 00 00 00 00 00 00 00 00 |................|
# Looks like you failed 1 test of 13.
Version-Release number of selected component (if applicable):
perl-Socket-Netlink-0.03-4.fc17
How reproducible:
always
Steps to Reproduce:
1. ppc-koji build --scratch f17 perl-Socket-Netlink-0.03-4.fc17.src.rpm
2.
3.
Actual results:
http://ppc.koji.fedoraproject.org/koji/taskinfo?taskID=469988
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
Summary: [PATCH] specfile accords to new packaging guidelines
https://bugzilla.redhat.com/show_bug.cgi?id=671445
Summary: [PATCH] specfile accords to new packaging guidelines
Product: Fedora
Version: rawhide
Platform: Unspecified
OS/Version: Unspecified
Status: NEW
Severity: unspecified
Priority: unspecified
Component: cpanspec
AssignedTo: steve(a)silug.org
ReportedBy: mmaslano(a)redhat.com
QAContact: extras-qa(a)fedoraproject.org
CC: steve(a)silug.org, fedora-perl-devel-list(a)redhat.com
Classification: Fedora
Created attachment 474630
--> https://bugzilla.redhat.com/attachment.cgi?id=474630
add epel option
This patch should remove things, which are not needed according to new
packaging guidelines and latest rpm eg. defining buildroot. The old
behaviour is available under --epel option.
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.