https://bugzilla.redhat.com/show_bug.cgi?id=1377996
Bug ID: 1377996
Summary: perl-libxml-perl: Expanding external entities by default
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: high
Priority: high
Assignee: security-response-team(a)redhat.com
Reporter: amaris(a)redhat.com
CC: jplesnik(a)redhat.com,
perl-devel(a)lists.fedoraproject.org,
perl-maint-list(a)redhat.com, ppisar(a)redhat.com,
psabata(a)redhat.com
It was found that XML::LibXML is vulnerable to an XXE attack, as it has external
entity loading enabled by default.
Bug report:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=838097
--
You are receiving this mail because:
You are on the CC list for the bug.
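The report above concerns the parser's defaults, not application code. The following is an added example (not code from the bug report, from Debian, or from the XML::LibXML project) of how an application can configure XML::LibXML so that an external entity declared in a document is never fetched. It assumes the documented XML::LibXML parser options `load_ext_dtd`, `expand_entities`, `no_network` and `ext_ent_handler`; the sample document with its `file:///etc/hostname` entity is constructed for the demonstration.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use XML::LibXML;

# Constructed sample input: a DOCTYPE that declares an external entity
# pointing at a local file and references it from element content.
# A parser that resolves external entities would read that file and
# place its contents inside <item>.
my $untrusted_xml = <<'END_XML';
<?xml version="1.0"?>
<!DOCTYPE doc [
  <!ENTITY ext SYSTEM "file:///etc/hostname">
]>
<doc><item>&ext;</item></doc>
END_XML

# Counts every attempt the parser makes to load an external resource,
# so the caller can log or reject documents that try.
my $blocked_loads = 0;

# Builds a parser that (a) does not load external DTD subsets,
# (b) does not substitute entity references, (c) is not allowed to
# use the network, and (d) routes any remaining external-resource
# request through a handler that refuses it by returning empty content.
# The handler is the decisive control: the first two options stop
# substitution, but on their own they do not forbid loading.
sub hardened_parser {
    return XML::LibXML->new(
        load_ext_dtd    => 0,
        expand_entities => 0,
        no_network      => 1,
        ext_ent_handler => sub {
            my ($system_id, $public_id) = @_;
            $blocked_loads++;
            warn "blocked external entity load: $system_id\n";
            return '';    # supply nothing instead of the resource
        },
    );
}

# Parses a document with the hardened parser and returns the text of
# /doc/item. Because the external entity is never resolved, the result
# is empty rather than the contents of /etc/hostname.
sub item_text {
    my ($xml) = @_;
    my $doc = hardened_parser()->load_xml(string => $xml);
    return $doc->findvalue('/doc/item');
}

my $text = item_text($untrusted_xml);
printf "item text: '%s' (external loads blocked: %d)\n", $text, $blocked_loads;
```

Applications that never need DOCTYPEs can go one step further and reject any input containing `<!DOCTYPE` before it reaches the parser; the options above are the right defaults for code that must still accept a DTD.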
https://bugzilla.redhat.com/show_bug.cgi?id=1480480
Bug ID: 1480480
Summary: perl-RPM2-1.3-8.fc27 FTBFS: lib/RPM2.xs:157:20: error: 'RPMVSF_NOSHA1' undeclared
Product: Fedora
Version: rawhide
Component: perl-RPM2
Assignee: jplesnik(a)redhat.com
Reporter: ppisar(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: jplesnik(a)redhat.com, lkundrak(a)v3.sk,
perl-devel(a)lists.fedoraproject.org, ppisar(a)redhat.com
perl-RPM2-1.3-8.fc27 fails to build in F27:
gcc -I/usr/lib64/perl5/CORE -DVERSION="1.3" -DXS_VERSION="1.3" -fPIC
-DRPM2_API=4013 -c -D_REENTRANT -D_GNU_SOURCE -O2 -g -pipe -Wall
-Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fexceptions
-fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches
-specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -m64 -mtune=generic -fwrapv
-fno-strict-aliasing -I/usr/local/include -D_LARGEFILE_SOURCE
-D_FILE_OFFSET_BITS=64 -g -o lib/RPM2.o lib/RPM2.c
[...]
lib/RPM2.xs: In function 'boot_RPM2':
lib/RPM2.xs:154:20: error: 'RPMVSF_NOMD5HEADER' undeclared (first use in this
function); did you mean 'RPMVSF_NORSAHEADER'?
REGISTER_CONSTANT(RPMVSF_NOMD5HEADER);
^
lib/RPM2.xs:134:70: note: in definition of macro 'REGISTER_CONSTANT'
#define REGISTER_CONSTANT(name) _populate_constant(constants, #name, name)
^~~~
lib/RPM2.xs:154:20: note: each undeclared identifier is reported only once for
each function it appears in
REGISTER_CONSTANT(RPMVSF_NOMD5HEADER);
^
lib/RPM2.xs:134:70: note: in definition of macro 'REGISTER_CONSTANT'
#define REGISTER_CONSTANT(name) _populate_constant(constants, #name, name)
^~~~
lib/RPM2.xs:157:20: error: 'RPMVSF_NOSHA1' undeclared (first use in this
function); did you mean 'RPMVSF_NORSA'?
REGISTER_CONSTANT(RPMVSF_NOSHA1);
^
lib/RPM2.xs:134:70: note: in definition of macro 'REGISTER_CONSTANT'
#define REGISTER_CONSTANT(name) _populate_constant(constants, #name, name)
^~~~
This is caused by upgrading rpm-devel from 4.13.0.1-41.fc27 to
4.13.90-0.git14002.1.fc27. <https://fedoraproject.org//wiki/Changes/RPM-4.14>
mentions MD5 and SHA1 removal.
https://bugzilla.redhat.com/show_bug.cgi?id=1473017
Bug ID: 1473017
Summary: amavisd-new-2.11.0-1 has issue with DCC, can't write to /etc/dcc
Product: Fedora EPEL
Version: epel7
Component: amavisd-new
Severity: low
Assignee: j.orti.alcaine(a)gmail.com
Reporter: pb(a)bieringer.de
QA Contact: extras-qa(a)fedoraproject.org
CC: janfrode(a)tanso.net, j.orti.alcaine(a)gmail.com,
perl-devel(a)lists.fedoraproject.org, steve(a)silug.org,
vanmeeuwen+fedora(a)kolabsys.com
Description of problem:
Since upgrading the EL7 system, strange DCC messages are occurring.
Version-Release number of selected component (if applicable):
amavisd-new-2.11.0-1
How reproducible:
always
Steps to Reproduce:
1. have amavisd+spamassassin+DCC installed
Actual results:
Jul 19 22:29:57 *** dccproc[29496]: open(/etc/dcc/map): Permission denied
Jul 19 22:29:57 *** dccproc[29496]: lock_open(/etc/dcc/whiteclnt.dccx):
Permission denied; file not writeable for locking
Expected results:
Working as before the update
Additional info:
related systemd unit file changed,
2.11.0-1 added:
ProtectSystem=full
This prevents dccproc from writing to /etc/dcc
"Workaround": reduce restriction to
ProtectSystem=true
Looks like systemd.exec is missing a feature, because
ReadWritePaths=-/etc/dcc
is not supported on ProtectSystem=full, only on ProtectSystem=strict (which is
even more restrictive...)
IMHO "full" should already honor ReadWritePaths
https://bugzilla.redhat.com/show_bug.cgi?id=1408326
Bug ID: 1408326
Summary: build for EPEL7
Product: Fedora EPEL
Version: epel7
Component: perl-EV
Assignee: emmanuel(a)seyman.fr
Reporter: carl.george(a)rackspace.com
QA Contact: extras-qa(a)fedoraproject.org
CC: emmanuel(a)seyman.fr, perl-devel(a)lists.fedoraproject.org
I'm a co-maintainer of uwsgi in Fedora and EPEL. Uwsgi has a subpackage for a
coroae plugin, but it is disabled on EPEL7 because it needs perl-Coro, which
needs this package. Please consider adding an EPEL7 branch for perl-EV so that
I can enable the uwsgi-plugin-coroae subpackage for EPEL7.
https://bugzilla.redhat.com/show_bug.cgi?id=1497010
Bug ID: 1497010
Summary: perl-Log-Any-1.700 is available
Product: Fedora
Version: rawhide
Component: perl-Log-Any
Keywords: FutureFeature, Triaged
Assignee: TicoTimo(a)gmail.com
Reporter: upstream-release-monitoring(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: perl-devel(a)lists.fedoraproject.org, steve(a)silug.org,
TicoTimo(a)gmail.com, xavier(a)bachelot.org
Latest upstream release: 1.700
Current version/release in rawhide: 1.049-4.fc27
URL: http://search.cpan.org/dist/Log-Any/
Please consult the package updates policy before you issue an update to a
stable branch: https://fedoraproject.org/wiki/Updates_Policy
More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring
Please keep in mind that with any upstream change, there may also be packaging
changes that need to be made. Specifically, please remember that it is your
responsibility to review the new version to ensure that the licensing is still
correct and that no non-free or legally problematic items have been added
upstream.
Based on the information from anitya:
https://release-monitoring.org/project/6480/
https://bugzilla.redhat.com/show_bug.cgi?id=1484066
Bug ID: 1484066
Summary: $daemon_group in /etc/amavisd/amavisd.conf doesn't set the daemon group
Product: Fedora
Version: rawhide
Component: amavisd-new
Severity: low
Priority: low
Assignee: j.orti.alcaine(a)gmail.com
Reporter: dhill(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: j.orti.alcaine(a)gmail.com,
perl-devel(a)lists.fedoraproject.org, steve(a)silug.org,
vanmeeuwen+fedora(a)kolabsys.com
Description of problem:
$daemon_group in /etc/amavisd/amavisd.conf doesn't set the daemon group
Version-Release number of selected component (if applicable):
How reproducible:
Always
Steps to Reproduce:
1. Change $daemon_group to virusgroup
2. Restart the daemon
3.
Actual results:
The process is still using the amavis group
Expected results:
The process should be using virusgroup group
Additional info:
If I change it in the systemd unit file, it works as expected.
https://bugzilla.redhat.com/show_bug.cgi?id=1029710
Bug ID: 1029710
Summary: Amavisd fails to identify attached zipped files with .exe extensions
Product: Fedora EPEL
Version: el6
Component: amavisd-new
Severity: medium
Assignee: steve(a)silug.org
Reporter: s10dal(a)elrepo.org
QA Contact: extras-qa(a)fedoraproject.org
CC: janfrode(a)tanso.net, kanarip(a)kanarip.com,
perl-devel(a)lists.fedoraproject.org, steve(a)silug.org
Description of problem:
Mail attachments containing zipped files with .exe extensions are not properly
identified due to a failure of 7za (p7zip) as called by amavisd to correctly
list the contents of the zipped file. Based on maillog errors, the failure
appears to be due to an improperly composed 7za option, specifically -w not
being separated from the target by a separator (e.g., space character).
Manually executing 7za using the options noted in the maillog error (see below)
demonstrates the need to insert a separator between the -w option and the
target.
Fails: $ 7za l -slt -w./contains_exe.zip
Works: $ 7za l -slt -w ./contains_exe.zip
Also, this issue may be specific to EL6. This issue came to my attention
because an EL6 mail server acting as a Backup MX for an EL5 mail server was
forwarding zipped exe attachments, which were correctly identified and
quarantined on the EL5 system.
Version-Release number of selected component (if applicable):
# uname -rpmi
2.6.32-358.23.2.el6.i686 i686 i686 i386
# rpm -q amavisd-new p7zip
amavisd-new-2.8.0-4.el6.noarch
p7zip-9.20.1-2.el6.i686
How reproducible:
Very. Observed on 3 EL6 mail servers.
Steps to Reproduce:
1. Install/configure postfix, amavisd-new, clam*, etc.
2. Create a test attachment:
$ touch test.exe
$ 7za a -tzip test_exe.zip test.exe
3. Send a mail with test_exe.zip attached
4. Check /var/log/maillog for the specific error
Actual results:
From /var/log/maillog:
Nov 12 17:17:46 Mail amavis[1568]: (28807-12) (!)run_command: child process
[1568]: run_command: failed to exec /usr/bin/7za l -slt
-w/var/spool/amavisd/tmp/amavis-20131112T051218-28807-HPbWePoN/parts --
/var/spool/amavisd/tmp/amavis-20131112T051218-28807-HPbWePoN/parts/p002: 13 at
/usr/sbin/amavisd line 4062.
Nov 12 17:17:46 Mail amavis[28807]: (28807-12) (!)Decoding of p002 (Zip archive
data, at least v1.0 to extract) failed, leaving it unpacked: do_7zip: can't get
a list of archive members: exit 6; at (eval 117) line 781.
Expected results:
Identify zipped exe file as such.
Additional info:
It may not be relevant to the observed error, but 8 months ago, amavisd-new and
clam* were converted from RepoForge/RPMforge versions to EPEL versions. Except
for a few initial hiccups, the mail servers have been running without apparent
issues until the current 7za issue was observed.
https://bugzilla.redhat.com/show_bug.cgi?id=1283764
Bug ID: 1283764
Summary: Use of uninitialized value in numeric eq (==) at /usr/share/perl5/vendor_perl/File/Tail.pm line 391
Product: Fedora
Version: 23
Component: perl-File-Tail
Assignee: tcallawa(a)redhat.com
Reporter: h.reindl(a)thelounge.net
QA Contact: extras-qa(a)fedoraproject.org
CC: perl-devel(a)lists.fedoraproject.org,
tcallawa(a)redhat.com
Nov 19 12:20:09 testserver perl: Use of uninitialized value in numeric eq (==)
at /usr/share/perl5/vendor_perl/File/Tail.pm line 391
I guess mailgraph triggers that bug
[root@testserver:~]$ rpm -q --file /usr/share/perl5/vendor_perl/File/Tail.pm
perl-File-Tail-1.3-1.fc23.noarch
https://bugzilla.redhat.com/show_bug.cgi?id=1462406
Bug ID: 1462406
Summary: Perl-Tk widget demo fails to display earth.gif
Product: Fedora
Version: 25
Component: perl-Tk
Severity: low
Assignee: andreas.bierfert(a)lowlatency.de
Reporter: hanspetersorge(a)netscape.net
QA Contact: extras-qa(a)fedoraproject.org
CC: andreas.bierfert(a)lowlatency.de,
perl-devel(a)lists.fedoraproject.org
Description of problem:
in
Perl/Tk Widget Demonstrations
Photos and Images
2. Alpha channel compositing.
the earth.gif does not display.
Version-Release number of selected component (if applicable):
perl-Tk-804.033-5.fc25.x86_64
How reproducible:
Steps to Reproduce:
1. cd /usr/share/doc/perl-Tk; ./widget
2. select: Alpha channel compositing.
Actual results:
earth.gif not displayed
Expected results:
display of earth.gif
Additional info:
./widget searches from strace:
/usr/share/doc/perl-Tk/demos/widget_lib/Tk/demos/images/earth.gif
/usr/local/lib64/perl5/Tk/demos/images/earth.gif
/usr/local/share/perl5/Tk/demos/images/earth.gif
/usr/lib64/perl5/vendor_perl/Tk/demos/images/earth.gif
/usr/share/perl5/vendor_perl/Tk/demos/images/earth.gif
/usr/lib64/perl5/Tk/demos/images/earth.gif
/usr/share/perl5/Tk/demos/images/earth.gif
./Tk/demos/images/earth.gif
actual path of earth.gif:
/usr/share/doc/perl-Tk/demos/images/earth.gif
Temporary fix:
su
cd /usr/share/doc/perl-Tk/demos/widget_lib
ln -s ../.. Tk