A package in review causing me some concern
by Paul F. Johnson
Hi,
I think this is the correct list to email this problem to, if it isn't,
please forgive me.
I have a package in review (BZ #203257 - jfbterm) which I have some
concerns about - namely the following
8-->
%{__cat} > 60-jfbterm.perms <<EOF
# permission definitions
<console> 0660 /dev/tty0 0660 root
<console> 0600 /dev/console 0600 root
EOF
%{__mkdir_p} -m 755 %{buildroot}%{_sysconfdir}/security/console.perms.d
%{__install} -m 644 60-jfbterm.perms \
%{buildroot}%{_sysconfdir}/security/console.perms.d/
<--8
I'm not overly happy with this, but would appreciate some advice on it -
I'm not letting the package through due to this concern.
TTFN
Paul
--
"Ist du meine Mutter?" - der leerkinde
17 years, 8 months
[Bug 202019] New: CVE-2006-4028, wordpress: multiple vulnerabilities
by Red Hat Bugzilla
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=202019
Summary: CVE-2006-4028, wordpress: multiple vulnerabilities
Product: Fedora Extras
Version: fc4
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: wordpress
AssignedTo: jwb(a)redhat.com
ReportedBy: mattdm(a)mattdm.org
QAContact: extras-qa(a)fedoraproject.org
CC: extras-qa(a)fedoraproject.org,fedora-security-
list(a)redhat.com
This also affects FE4.
+++ This bug was initially created as a clone of Bug #201989 +++
CVE-2006-4028: Multiple unspecified vulnerabilities in WordPress before 2.0.4
have unknown impact and remote attack vectors.
http://wordpress.org/development/2006/07/wordpress-204/: WordPress 2.0.4, the
latest stable release in our Duke series, is available for immediate download.
This release contains several important security fixes, so it’s highly
recommended for all users.
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
17 years, 8 months
[Bug 201989] New: CVE-2006-4028, wordpress: multiple vulnerabilities
by Red Hat Bugzilla
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=201989
Summary: CVE-2006-4028, wordpress: multiple vulnerabilities
Product: Fedora Extras
Version: fc5
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: wordpress
AssignedTo: jwb(a)redhat.com
ReportedBy: ville.skytta(a)iki.fi
QAContact: extras-qa(a)fedoraproject.org
CC: extras-qa(a)fedoraproject.org,fedora-security-
list(a)redhat.com
CVE-2006-4028: Multiple unspecified vulnerabilities in WordPress before 2.0.4
have unknown impact and remote attack vectors.
http://wordpress.org/development/2006/07/wordpress-204/: WordPress 2.0.4, the
latest stable release in our Duke series, is available for immediate download.
This release contains several important security fixes, so it’s highly
recommended for all users.
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
17 years, 8 months
[Bug 200357] major (public) security flaws fixed in firefox 1.5.0.5: CVE-2006-3113, CVE-2006-3677, CVE-2006-3801, CVE-2006-3802, CVE-2006-3803, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-3810, CVE-2006-3811, CVE-2006-3812
by Red Hat Bugzilla
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
Summary: major (public) security flaws fixed in firefox 1.5.0.5: CVE-2006-3113, CVE-2006-3677, CVE-2006-3801, CVE-2006-3802, CVE-2006-3803,CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-3810, CVE-2006-3811, CVE-2006-3812
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=200357
------- Additional Comments From icon(a)fedoraproject.org 2006-08-10 11:21 EST -------
Thanks for your hard work!
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
17 years, 8 months
[Bug 200357] major (public) security flaws fixed in firefox 1.5.0.5: CVE-2006-3113, CVE-2006-3677, CVE-2006-3801, CVE-2006-3802, CVE-2006-3803, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-3810, CVE-2006-3811, CVE-2006-3812
by Red Hat Bugzilla
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
Summary: major (public) security flaws fixed in firefox 1.5.0.5: CVE-2006-3113, CVE-2006-3677, CVE-2006-3801, CVE-2006-3802, CVE-2006-3803,CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-3810, CVE-2006-3811, CVE-2006-3812
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=200357
djuran(a)redhat.com changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |CLOSED
Resolution| |CURRENTRELEASE
Fixed In Version| |FC5
------- Additional Comments From djuran(a)redhat.com 2006-08-10 10:41 EST -------
So I guess this issue can (finally) be closed.
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
17 years, 8 months
[Bug 200357] major (public) security flaws fixed in firefox 1.5.0.5: CVE-2006-3113, CVE-2006-3677, CVE-2006-3801, CVE-2006-3802, CVE-2006-3803, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-3810, CVE-2006-3811, CVE-2006-3812
by Red Hat Bugzilla
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
Summary: major (public) security flaws fixed in firefox 1.5.0.5: CVE-2006-3113, CVE-2006-3677, CVE-2006-3801, CVE-2006-3802, CVE-2006-3803,CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-3810, CVE-2006-3811, CVE-2006-3812
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=200357
------- Additional Comments From updates(a)fedora.redhat.com 2006-08-08 18:27 EST -------
firefox-1.5.0.6-2.fc5 has been pushed for fc5, which should resolve this issue. If these problems are still present in this version, then please make note of it in this bug report.
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
17 years, 9 months
[Bug 200357] major (public) security flaws fixed in firefox 1.5.0.5: CVE-2006-3113, CVE-2006-3677, CVE-2006-3801, CVE-2006-3802, CVE-2006-3803, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-3810, CVE-2006-3811, CVE-2006-3812
by Red Hat Bugzilla
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
Summary: major (public) security flaws fixed in firefox 1.5.0.5: CVE-2006-3113, CVE-2006-3677, CVE-2006-3801, CVE-2006-3802, CVE-2006-3803,CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-3810, CVE-2006-3811, CVE-2006-3812
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=200357
------- Additional Comments From jkeating(a)redhat.com 2006-08-08 13:50 EST -------
It had failed to build on s390, an arch I thought I had disabled for FC5 updates
building. I've fixed the glitch and attempting to build the update now for
publishing later today.
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
17 years, 9 months
[Bug 200357] major (public) security flaws fixed in firefox 1.5.0.5: CVE-2006-3113, CVE-2006-3677, CVE-2006-3801, CVE-2006-3802, CVE-2006-3803, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-3810, CVE-2006-3811, CVE-2006-3812
by Red Hat Bugzilla
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
Summary: major (public) security flaws fixed in firefox 1.5.0.5: CVE-2006-3113, CVE-2006-3677, CVE-2006-3801, CVE-2006-3802, CVE-2006-3803,CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-3810, CVE-2006-3811, CVE-2006-3812
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=200357
------- Additional Comments From fedora(a)leemhuis.info 2006-08-08 13:32 EST -------
(In reply to comment #4)
> Why are we still on 1.5.0.4?
We still are AFAICS -- 1.5.0.5 was commited to CVS some days ago (thx Kai!)
afaics, but not published yet. That's why I made noise on f-a-b today. See:
https://www.redhat.com/archives/fedora-advisory-board/2006-August/msg0005...
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
17 years, 9 months
