#1581: javasqlite-20090409-3.fc11 F-11 freeze exception
Fedora Release Engineering
rel-eng at fedoraproject.org
Tue Apr 21 21:25:45 UTC 2009
#1581: javasqlite-20090409-3.fc11 F-11 freeze exception
------------------+---------------------------------------------------------
Reporter: scop | Owner: rel-eng at lists.fedoraproject.org
Type: task | Status: new
Milestone: | Component: koji
Keywords: |
------------------+---------------------------------------------------------
koji build javasqlite-20090409-3.fc11 disables sqlite extension loading
which was initially enabled in 20090409-1.fc11. Extension loading in this
case is a potential security issue as it allows code that has access to
the library in a JVM to load arbitrary native code into the JVM bypassing
its security manager checks.
Due to the nature of this issue and after discussing it with upstream, I'm
requesting a F-11 freeze exception.
I've verified from the koji build logs that extension loading is indeed
off in this build (-DHAVE_SQLITE3_LOAD_EXTENSION=0). This should not be a
backwards compatibility issue as extension loading was on only about 10
days in Rawhide/F-11 -only builds.
--
Ticket URL: <https://fedorahosted.org/rel-eng/ticket/1581>
Fedora Release Engineering <http://fedorahosted.org/rel-eng>
Release Engineering for the Fedora Project
More information about the rel-eng
mailing list