[Bug 1285807] New: Opening About Slic3r dialog window crashes
slic3r
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1285807
Bug ID: 1285807
Summary: Opening About Slic3r dialog window crashes slic3r
Product: Fedora
Version: 23
Component: slic3r
Assignee: mhroncok(a)redhat.com
Reporter: tomg(a)ipass.net
QA Contact: extras-qa(a)fedoraproject.org
CC: mhroncok(a)redhat.com,
perl-devel(a)lists.fedoraproject.org
Description of problem:
Opening the About Slic3r dialog window crashes slic3r everytime
Version-Release number of selected component (if applicable):
slic3r-1.2.9-3.fc23.x86_64
How reproducible:
Everytime
Steps to Reproduce:
1. Start program
2. Select About Slic3r from the Help pulldown menu (Help -> About Slic3r)
3.
Actual results:
App crashes instantly
Expected results:
Should see the about dialog window.
Additional info:
Output from the terminal
$ slic3r
(slic3r:3135): Gtk-WARNING **: gtk_widget_size_allocate(): attempt to allocate
widget with width -5 and height 17
(slic3r:3135): Gtk-WARNING **: gtk_widget_size_allocate(): attempt to allocate
widget with width -5 and height 17
(slic3r:3135): Gtk-WARNING **: gtk_widget_size_allocate(): attempt to allocate
widget with width -5 and height 17
Error while autoloading 'Wx::wxCLOSE' at
/usr/share/perl5/vendor_perl/Slic3r/GUI/AboutDialog.pm line 69.
--
You are receiving this mail because:
You are on the CC list for the bug.
7 years, 7 months
[Bug 1273668] New: to_string() appends 'undef' to array attribute
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1273668
Bug ID: 1273668
Summary: to_string() appends 'undef' to array attribute
Product: Fedora EPEL
Version: epel7
Component: perl-Exception-Base
Severity: low
Assignee: paul(a)city-fan.org
Reporter: jim(a)apnic.net
QA Contact: extras-qa(a)fedoraproject.org
CC: paul(a)city-fan.org, perl-devel(a)lists.fedoraproject.org
Description of problem:
Invoking to_string has the side effect of appending 'undef' to an array
attribute.
Version-Release number of selected component (if applicable):
perl-Exception-Base-0.2500-1.el7.noarch.rpm
perl v5.16.3
How reproducible:
Always
Steps to Reproduce:
Can reproduce with this perl script:
#!/bin/perl
use warnings;
use strict;
use Data::Dumper;
use Exception::Base
'MyException', => {
message => 'Validation error',
has => [ qw(class errors) ],
string_attributes => [ 'message', 'class', 'errors' ]
};
eval {
MyException->throw(
class => __PACKAGE__,
errors => ["error 1", "error 2", "error 3"]
);
};
my $exception = $@;
print( Dumper($exception->errors()) . "\n");
$exception->to_string();
print( Dumper($exception->errors()) . "\n");
Actual results:
Can see an additional 'undef' in the array returned after invoking to_string();
Expected results:
The returned array should be the same as when thrown.
Additional info:
--
You are receiving this mail because:
You are on the CC list for the bug.
7 years, 7 months
[Bug 1230219] New: perl-Plack-1.0036 is available
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1230219
Bug ID: 1230219
Summary: perl-Plack-1.0036 is available
Product: Fedora
Version: rawhide
Component: perl-Plack
Assignee: rc040203(a)freenet.de
Reporter: rc040203(a)freenet.de
QA Contact: extras-qa(a)fedoraproject.org
CC: perl-devel(a)lists.fedoraproject.org,
rc040203(a)freenet.de
Upstream released Plack-1.0036
Unfortunately this update introduced a couple dependencies on further
perl-modules which are not yet available in Fedora.
--
You are receiving this mail because:
You are on the CC list for the bug.
7 years, 8 months
[Bug 1268777] New: CVE-2015-7686 perl-Email-Address: denial of service when parsing crafted email address list
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1268777
Bug ID: 1268777
Summary: CVE-2015-7686 perl-Email-Address: denial of service
when parsing crafted email address list
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: mprpic(a)redhat.com
CC: perl-devel(a)lists.fedoraproject.org,
perl-maint-list(a)redhat.com, rob.myers(a)gtri.gatech.edu,
tcallawa(a)redhat.com
A flaw in the parsing of email address lists was found in perl-Email-Address:
Algorithmic complexity vulnerability in Address.pm in the Email-Address module
1.908 and earlier for Perl allows remote attackers to cause a denial of service
(CPU consumption) via a crafted string containing a list of e-mail addresses in
conjunction with parenthesis characters that can be associated with nested
comments. NOTE: the default configuration in 1.908 mitigates this vulnerability
but misparses certain realistic comments.
Further information:
http://seclists.org/oss-sec/2015/q3/644
http://seclists.org/oss-sec/2015/q4/22
--
You are receiving this mail because:
You are on the CC list for the bug.
7 years, 9 months
[Bug 1268778] New: CVE-2015-7686 perl-Email-Address: denial of service when parsing crafted email address list [fedora-all]
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1268778
Bug ID: 1268778
Summary: CVE-2015-7686 perl-Email-Address: denial of service
when parsing crafted email address list [fedora-all]
Product: Fedora
Version: 22
Component: perl-Email-Address
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Assignee: tcallawa(a)redhat.com
Reporter: mprpic(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: perl-devel(a)lists.fedoraproject.org,
tcallawa(a)redhat.com
Blocks: 1268777 (CVE-2015-7686)
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora. While only
one tracking bug has been filed, please correct all affected versions at
the same time. If you need to fix the versions independent of each other,
you may clone this bug as appropriate.
[bug automatically created by: add-tracking-bugs]
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1268777
[Bug 1268777] CVE-2015-7686 perl-Email-Address: denial of service when
parsing crafted email address list
--
You are receiving this mail because:
You are on the CC list for the bug.
7 years, 9 months
[Bug 1101265] New: perl-libwww-perl: incorrect handling of SSL certificate verification [fedora-all]
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1101265
Bug ID: 1101265
Summary: perl-libwww-perl: incorrect handling of SSL
certificate verification [fedora-all]
Product: Fedora
Version: 20
Component: perl-LWP-Protocol-https
Keywords: FutureFeature
Severity: high
Priority: high
Assignee: ppisar(a)redhat.com
Reporter: ppisar(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: jpazdziora(a)redhat.com, jplesnik(a)redhat.com,
mmaslano(a)redhat.com, mzazrivec(a)redhat.com,
perl-devel(a)lists.fedoraproject.org, ppisar(a)redhat.com,
psabata(a)redhat.com
+++ This bug was initially created as a clone of Bug #1094442 +++
[...]
--- Additional comment from Jan Pazdziora on 2014-05-26 10:55:43 GMT ---
(In reply to Petr Pisar from comment #9)
> Thank you for the report. However there are two mistakes:
>
> (1) The IO::Socket::SSL::new option is "SSL_verifycn_scheme", not
> "SSL_verifycn_schema". Thus you could not find it in the documentation.
Ahh, sorry about that
.
> (2) The 6.04-3 behavior was flawed. As you can read in the upstream bug
> report, the "SSL_verify_mode" option is about checking hostname. It's not
> intended to control certificate validation. The same applies to
> "PERL_LWP_SSL_VERIFY_HOSTNAME" environment variable. 6.04-4 has restored the
> behavior which presented before 6.04.
So what is the way for making HTTP requests to websites with self-signed
certificates from perl, if the user does not care about the CA chain
validation?
In other way, what is the way for making LWP behave the same way it used to
behave with pre-6 version?
--- Additional comment from Petr Pisar on 2014-05-26 11:20:51 GMT ---
There is no LWP environment variable or command line option to control that
currently.
It's possible to pass ssl_opts => {SSL_verify_mode =>
IO::Socket::SSL::SSL_VERIFY_NONE} to LWP::UserAgent::new if you write your own
LWP application.
This is also discussed in the upstream report.
The reason why the PERL_LWP_SSL_VERIFY_HOSTNAME seemed to work before is the
IO::Socket::SSL < 1.950 defaulted to SSL_VERIFY_NONE. This has not been true
since Fedora 20. Unfortunately Fedora 20 delivered the flawed
LWP::Protocol::https, so it was not visible.
I agree with you that there should be way how to disable the certificate
validation externally.
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=vNjL2yMVw5&a=cc_unsubscribe
7 years, 9 months
[Bug 1281886] New: selinux causes RT to prevent httpd from starting
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1281886
Bug ID: 1281886
Summary: selinux causes RT to prevent httpd from starting
Product: Fedora
Version: 22
Component: rt
Assignee: rc040203(a)freenet.de
Reporter: tibbs(a)math.uh.edu
QA Contact: extras-qa(a)fedoraproject.org
CC: perl-devel(a)lists.fedoraproject.org,
rc040203(a)freenet.de, tibbs(a)math.uh.edu
This is really just a heads up, and should probably be reassigned to
selinux-policy, but I wanted to run it by you to make sure it's not an RT issue
first.
Basically, httpd updated last night, which means it restarted. Unfortunately
this failed:
Nov 13 09:57:43 rt2.math.uh.edu httpd[23688]: AH00526: Syntax error on line 29
of /etc/httpd/conf.d/virt-rt.conf:
Nov 13 09:57:43 rt2.math.uh.edu httpd[23688]: Cannot write to
'/var/log/rt/rt.log': Permission denied at
/usr/share/perl5/vendor_perl/Log/Dispatch/File.pm line 107.\n
Line 29 is the Plack setup, which fails; there's nothing actually wrong with
the syntax of the apache configuration file.
<Perl>
use Plack::Handler::Apache2;
Plack::Handler::Apache2->preload("/usr/sbin/rt-server");
</Perl>
And it can't read /var/log/rt.log because of:
time->Fri Nov 13 03:33:30 2015
type=AVC msg=audit(1447407210.438:3285): avc: denied { open } for pid=12191
comm="/usr/sbin/rt-se" path="/var/log/rt/rt.log" dev="dm-1" ino=393970
scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:var_log_t:s0
tclass=file permissive=0
setenforce 0 fixes it, of course, and after that there are no additional AVCs.
My guess is that this broke with a selinux policy update (the last one was
selinux-policy-targeted-3.13.1-128.18.fc22.noarch on October 29th) but nothing
actually failed until httpd restarted last night.
--
You are receiving this mail because:
You are on the CC list for the bug.
7 years, 9 months
[Bug 1155218] New: Possible precedence issue with control flow operator
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1155218
Bug ID: 1155218
Summary: Possible precedence issue with control flow operator
Product: Fedora
Version: rawhide
Component: perl-Mail-Sender
Assignee: tcallawa(a)redhat.com
Reporter: rc040203(a)freenet.de
QA Contact: extras-qa(a)fedoraproject.org
CC: perl-devel(a)lists.fedoraproject.org,
tcallawa(a)redhat.com
Description of problem:
When running perl-Log-Dispatch-2.44's testsuite on rawhide, I am facing this
warning:
...
Possible precedence issue with control flow operator at
/usr/share/perl5/vendor_perl/Mail/Sender.pm line 2679.
...
Version-Release number of selected component (if applicable):
perl-Mail-Sender-0.8.21-6.fc22
I am not observing this warning with perl-Mail-Sender-0.8.23, which makes me
believe this issue already has been resolved upstream.
Therefore, I am going to upgrade perl-Mail-Sender to 0.8.23.
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=U1QQiGJzYI&a=cc_unsubscribe
7 years, 9 months