https://bugzilla.redhat.com/show_bug.cgi?id=2003771
Bug ID: 2003771
Summary: sisu-0.3.5 is available
Product: Fedora
Version: rawhide
Status: NEW
Component: sisu
Keywords: FutureFeature, Triaged
Assignee: mizdebsk(a)redhat.com
Reporter: upstream-release-monitoring(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: eclipse-sig(a)lists.fedoraproject.org,
java-maint-sig(a)lists.fedoraproject.org,
java-sig-commits(a)lists.fedoraproject.org,
mizdebsk(a)redhat.com, sochotni(a)redhat.com
Target Milestone: ---
Classification: Fedora
Latest upstream release: 0.3.5
Current version/release in rawhide: 0.3.4-7.fc35
URL: http://eclipse.org/sisu
Please consult the package updates policy before you issue an update to a
stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/
More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring
Please keep in mind that with any upstream change, there may also be packaging
changes that need to be made. Specifically, please remember that it is your
responsibility to review the new version to ensure that the licensing is still
correct and that no non-free or legally problematic items have been added
upstream.
Based on the information from anitya:
https://release-monitoring.org/project/20407/
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2003771
https://bugzilla.redhat.com/show_bug.cgi?id=1902826
Bug ID: 1902826
Summary: CVE-2020-27218 jetty: buffer not correctly recycled in
Gzip Request inflation
Product: Security Response
Hardware: All
OS: Linux
Status: NEW
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: gsuckevi(a)redhat.com
CC: abenaiss(a)redhat.com, aboyko(a)redhat.com,
aileenc(a)redhat.com, akoufoud(a)redhat.com,
alazarot(a)redhat.com, almorale(a)redhat.com,
anstephe(a)redhat.com, aos-bugs(a)redhat.com,
ataylor(a)redhat.com, bmontgom(a)redhat.com,
btofel(a)redhat.com, chazlett(a)redhat.com,
drieden(a)redhat.com,
eclipse-sig(a)lists.fedoraproject.org,
eparis(a)redhat.com, etirelli(a)redhat.com,
ganandan(a)redhat.com, ggaughan(a)redhat.com,
gmalinko(a)redhat.com, gvarsami(a)redhat.com,
ibek(a)redhat.com, janstey(a)redhat.com,
java-maint(a)redhat.com,
java-sig-commits(a)lists.fedoraproject.org,
jburrell(a)redhat.com, jcoleman(a)redhat.com,
jjohnstn(a)redhat.com, jochrist(a)redhat.com,
jokerman(a)redhat.com, jstastny(a)redhat.com,
jwon(a)redhat.com, kconner(a)redhat.com,
krathod(a)redhat.com, krzysztof.daniel(a)gmail.com,
kverlaen(a)redhat.com, ldimaggi(a)redhat.com,
mat.booth(a)redhat.com, mizdebsk(a)redhat.com,
mnovotny(a)redhat.com, nstielau(a)redhat.com,
nwallace(a)redhat.com, pbhattac(a)redhat.com,
pdrozd(a)redhat.com, pjindal(a)redhat.com,
rrajasek(a)redhat.com, rsynek(a)redhat.com,
rwagner(a)redhat.com, sdaley(a)redhat.com,
sd-operator-metering(a)redhat.com, sochotni(a)redhat.com,
sponnaga(a)redhat.com, sthorger(a)redhat.com,
tcunning(a)redhat.com, tkirby(a)redhat.com,
vbobade(a)redhat.com
Target Milestone: ---
Classification: Other
In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to
10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation
is enabled and requests from different clients are multiplexed onto a single
connection, and if an attacker can send a request with a body that is received
entirely but not consumed by the application, then a subsequent request on the
same connection will see that body prepended to its body. The attacker will not
see any data but may inject data into the body of the subsequent request.
References:
https://bugs.eclipse.org/bugs/show_bug.cgi?id=568892https://github.com/eclipse/jetty.project/security/advisories/GHSA-86wm-rrjm…
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1987437
Bug ID: 1987437
Summary: eclipse-egit: FTBFS in Fedora rawhide/f35
Product: Fedora
Version: rawhide
Status: NEW
Component: eclipse-egit
Assignee: akurtako(a)redhat.com
Reporter: releng(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: akurtako(a)redhat.com, andjrobins(a)gmail.com,
eclipse-sig(a)lists.fedoraproject.org,
jerboaa(a)gmail.com, mat.booth(a)gmail.com,
rgrunber(a)redhat.com, rob.myers(a)gtri.gatech.edu
Blocks: 1927309 (F35FTBFS,RAWHIDEFTBFS)
Target Milestone: ---
Classification: Fedora
eclipse-egit failed to build from source in Fedora rawhide/f35
https://koji.fedoraproject.org/koji/taskinfo?taskID=72340515
For details on the mass rebuild see:
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
Please fix eclipse-egit at your earliest convenience and set the bug's status
to
ASSIGNED when you start fixing it. If the bug remains in NEW state for 8 weeks,
eclipse-egit will be orphaned. Before branching of Fedora 36,
eclipse-egit will be retired, if it still fails to build.
For more details on the FTBFS policy, please visit:
https://docs.fedoraproject.org/en-US/fesco/Fails_to_build_from_source_Fails…
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1927309
[Bug 1927309] Fedora 35 FTBFS Tracker
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1987441
Bug ID: 1987441
Summary: eclipse-jgit: FTBFS in Fedora rawhide/f35
Product: Fedora
Version: rawhide
Status: NEW
Component: eclipse-jgit
Assignee: akurtako(a)redhat.com
Reporter: releng(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: akurtako(a)redhat.com, andjrobins(a)gmail.com,
eclipse-sig(a)lists.fedoraproject.org,
jerboaa(a)gmail.com, mat.booth(a)gmail.com,
rgrunber(a)redhat.com
Blocks: 1927309 (F35FTBFS,RAWHIDEFTBFS)
Target Milestone: ---
Classification: Fedora
eclipse-jgit failed to build from source in Fedora rawhide/f35
https://koji.fedoraproject.org/koji/taskinfo?taskID=72340549
For details on the mass rebuild see:
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
Please fix eclipse-jgit at your earliest convenience and set the bug's status
to
ASSIGNED when you start fixing it. If the bug remains in NEW state for 8 weeks,
eclipse-jgit will be orphaned. Before branching of Fedora 36,
eclipse-jgit will be retired, if it still fails to build.
For more details on the FTBFS policy, please visit:
https://docs.fedoraproject.org/en-US/fesco/Fails_to_build_from_source_Fails…
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1927309
[Bug 1927309] Fedora 35 FTBFS Tracker
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1988028
Bug ID: 1988028
Summary: tycho: FTBFS in Fedora rawhide/f35
Product: Fedora
Version: rawhide
Status: NEW
Component: tycho
Assignee: akurtako(a)redhat.com
Reporter: releng(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: akurtako(a)redhat.com,
eclipse-sig(a)lists.fedoraproject.org,
java-sig-commits(a)lists.fedoraproject.org,
krzysztof.daniel(a)gmail.com, mat.booth(a)gmail.com,
mizdebsk(a)redhat.com, rgrunber(a)redhat.com,
sochotni(a)redhat.com
Blocks: 1927309 (F35FTBFS,RAWHIDEFTBFS)
Target Milestone: ---
Classification: Fedora
tycho failed to build from source in Fedora rawhide/f35
https://koji.fedoraproject.org/koji/taskinfo?taskID=72516669
For details on the mass rebuild see:
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
Please fix tycho at your earliest convenience and set the bug's status to
ASSIGNED when you start fixing it. If the bug remains in NEW state for 8 weeks,
tycho will be orphaned. Before branching of Fedora 36,
tycho will be retired, if it still fails to build.
For more details on the FTBFS policy, please visit:
https://docs.fedoraproject.org/en-US/fesco/Fails_to_build_from_source_Fails…
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1927309
[Bug 1927309] Fedora 35 FTBFS Tracker
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1987439
Bug ID: 1987439
Summary: eclipse-gef: FTBFS in Fedora rawhide/f35
Product: Fedora
Version: rawhide
Status: NEW
Component: eclipse-gef
Assignee: akurtako(a)redhat.com
Reporter: releng(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: akurtako(a)redhat.com,
eclipse-sig(a)lists.fedoraproject.org,
mat.booth(a)gmail.com, rgrunber(a)redhat.com
Blocks: 1927309 (F35FTBFS,RAWHIDEFTBFS)
Target Milestone: ---
Classification: Fedora
eclipse-gef failed to build from source in Fedora rawhide/f35
https://koji.fedoraproject.org/koji/taskinfo?taskID=72340539
For details on the mass rebuild see:
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
Please fix eclipse-gef at your earliest convenience and set the bug's status to
ASSIGNED when you start fixing it. If the bug remains in NEW state for 8 weeks,
eclipse-gef will be orphaned. Before branching of Fedora 36,
eclipse-gef will be retired, if it still fails to build.
For more details on the FTBFS policy, please visit:
https://docs.fedoraproject.org/en-US/fesco/Fails_to_build_from_source_Fails…
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1927309
[Bug 1927309] Fedora 35 FTBFS Tracker
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1987446
Bug ID: 1987446
Summary: eclipse-subclipse: FTBFS in Fedora rawhide/f35
Product: Fedora
Version: rawhide
Status: NEW
Component: eclipse-subclipse
Assignee: akurtako(a)redhat.com
Reporter: releng(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: akurtako(a)redhat.com,
eclipse-sig(a)lists.fedoraproject.org,
krzysztof.daniel(a)gmail.com, mat.booth(a)gmail.com
Blocks: 1927309 (F35FTBFS,RAWHIDEFTBFS)
Target Milestone: ---
Classification: Fedora
eclipse-subclipse failed to build from source in Fedora rawhide/f35
https://koji.fedoraproject.org/koji/taskinfo?taskID=72340605
For details on the mass rebuild see:
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
Please fix eclipse-subclipse at your earliest convenience and set the bug's
status to
ASSIGNED when you start fixing it. If the bug remains in NEW state for 8 weeks,
eclipse-subclipse will be orphaned. Before branching of Fedora 36,
eclipse-subclipse will be retired, if it still fails to build.
For more details on the FTBFS policy, please visit:
https://docs.fedoraproject.org/en-US/fesco/Fails_to_build_from_source_Fails…
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1927309
[Bug 1927309] Fedora 35 FTBFS Tracker
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1987442
Bug ID: 1987442
Summary: eclipse-license: FTBFS in Fedora rawhide/f35
Product: Fedora
Version: rawhide
Status: NEW
Component: eclipse-license
Assignee: akurtako(a)redhat.com
Reporter: releng(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: akurtako(a)redhat.com,
eclipse-sig(a)lists.fedoraproject.org,
mat.booth(a)gmail.com
Blocks: 1927309 (F35FTBFS,RAWHIDEFTBFS)
Target Milestone: ---
Classification: Fedora
eclipse-license failed to build from source in Fedora rawhide/f35
https://koji.fedoraproject.org/koji/taskinfo?taskID=72340559
For details on the mass rebuild see:
https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
Please fix eclipse-license at your earliest convenience and set the bug's
status to
ASSIGNED when you start fixing it. If the bug remains in NEW state for 8 weeks,
eclipse-license will be orphaned. Before branching of Fedora 36,
eclipse-license will be retired, if it still fails to build.
For more details on the FTBFS policy, please visit:
https://docs.fedoraproject.org/en-US/fesco/Fails_to_build_from_source_Fails…
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1927309
[Bug 1927309] Fedora 35 FTBFS Tracker
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2002524
Bug ID: 2002524
Summary: Marketplace eclipse-mpc
Product: Fedora
Version: 34
Hardware: x86_64
OS: Linux
Status: NEW
Component: eclipse-mpc
Severity: high
Assignee: extras-orphan(a)fedoraproject.org
Reporter: flydove(a)qq.com
QA Contact: extras-qa(a)fedoraproject.org
CC: eclipse-sig(a)lists.fedoraproject.org,
extras-orphan(a)fedoraproject.org, mat.booth(a)gmail.com,
rgrunber(a)redhat.com
Target Milestone: ---
Classification: Fedora
Eclipse Marketplace is Not Found On Help Menu
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1933816
Bug ID: 1933816
Summary: CVE-2020-11988 xmlgraphics-commons: SSRF due to
improper input validation by the XMPParser
Product: Security Response
Hardware: All
OS: Linux
Status: NEW
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: gsuckevi(a)redhat.com
CC: aileenc(a)redhat.com, akoufoud(a)redhat.com,
akurtako(a)redhat.com, alazarot(a)redhat.com,
almorale(a)redhat.com, andjrobins(a)gmail.com,
anstephe(a)redhat.com, bibryam(a)redhat.com,
chazlett(a)redhat.com, dbhole(a)redhat.com,
drieden(a)redhat.com, ebaron(a)redhat.com,
eclipse-sig(a)lists.fedoraproject.org,
etirelli(a)redhat.com, ganandan(a)redhat.com,
ggaughan(a)redhat.com, gmalinko(a)redhat.com,
hbraun(a)redhat.com, ibek(a)redhat.com,
janstey(a)redhat.com, java-maint(a)redhat.com,
jerboaa(a)gmail.com, jjohnstn(a)redhat.com,
jkang(a)redhat.com, jochrist(a)redhat.com,
jstastny(a)redhat.com, jwon(a)redhat.com,
krathod(a)redhat.com, kverlaen(a)redhat.com,
lef(a)fedoraproject.org, mat.booth(a)redhat.com,
mcermak(a)redhat.com, mizdebsk(a)redhat.com,
mnovotny(a)redhat.com, mprchlik(a)redhat.com,
pantinor(a)redhat.com, patrickm(a)redhat.com,
pjindal(a)redhat.com, rgrunber(a)redhat.com,
rlandman(a)redhat.com, rrajasek(a)redhat.com,
rsynek(a)redhat.com, sdaley(a)redhat.com,
vkadlcik(a)redhat.com
Target Milestone: ---
Classification: Other
Apache XmlGraphics Commons 2.4 is vulnerable to server-side request forgery,
caused by improper input validation by the XMPParser. By using a
specially-crafted argument, an attacker could exploit this vulnerability to
cause the underlying server to make arbitrary GET requests.
References:
https://xmlgraphics.apache.org/security.htmlhttps://www.openwall.com/lists/oss-security/2021/02/24/1
--
You are receiving this mail because:
You are on the CC list for the bug.