January 2022 - Epel-packagers-sig - Fedora mailing-lists

[Bug 2044963] New: F36FailsToInstall: postorius
by bugzilla＠redhat.com 13 Sep '22

13 Sep '22

https://bugzilla.redhat.com/show_bug.cgi?id=2044963 Bug ID: 2044963 Summary: F36FailsToInstall: postorius Product: Fedora Version: rawhide Status: NEW Component: python-postorius Assignee: michel(a)michel-slm.name Reporter: mhroncok(a)redhat.com CC: epel-packagers-sig(a)lists.fedoraproject.org, infra-sig(a)lists.fedoraproject.org, michel(a)michel-slm.name, ngompa13(a)gmail.com, python-sig(a)lists.fedoraproject.org Blocks: 1992487 (F36FailsToInstall,RAWHIDEFailsToInstall) Target Milestone: --- Classification: Fedora Hello, Please note that this comment was generated automatically. If you feel that this output has mistakes, please contact me via email (mhroncok(a)redhat.com). Your package (python-postorius) Fails To Install in Fedora 36: can't install postorius: - nothing provides (python3.10dist(django) < 3.3~~ with python3.10dist(django) >= 2.2) needed by postorius-1.3.6-1.fc36.noarch If you know about this problem and are planning on fixing it, please acknowledge so by setting the bug status to ASSIGNED. If you don't have time to maintain this package, consider orphaning it, so maintainers of dependent packages realize the problem. If you don't react accordingly to the policy for FTBFS/FTI bugs (https://docs.fedoraproject.org/en-US/fesco/Fails_to_build_from_source_Fails…), your package may be orphaned in 8+ weeks. P.S. The data was generated solely from koji buildroot, so it might be newer than the latest compose or the content on mirrors. P.P.S. If this bug has been reported in the middle of upgrading multiple dependent packages, please consider using side tags: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/#updating-inter-d… Thanks! Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1992487 [Bug 1992487] Fedora 36 Fails To install Tracker -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2044963

1 10

[Bug 2032607] New: F36FailsToInstall: hyperkitty
by bugzilla＠redhat.com 13 Sep '22

13 Sep '22

https://bugzilla.redhat.com/show_bug.cgi?id=2032607 Bug ID: 2032607 Summary: F36FailsToInstall: hyperkitty Product: Fedora Version: rawhide Status: NEW Component: python-hyperkitty Assignee: michel(a)michel-slm.name Reporter: mhroncok(a)redhat.com CC: epel-packagers-sig(a)lists.fedoraproject.org, infra-sig(a)lists.fedoraproject.org, michel(a)michel-slm.name, ngompa13(a)gmail.com, python-sig(a)lists.fedoraproject.org Blocks: 1992487 (F36FailsToInstall,RAWHIDEFailsToInstall) Target Milestone: --- Classification: Fedora Hello, Please note that this comment was generated automatically. If you feel that this output has mistakes, please contact me via email (mhroncok(a)redhat.com). Your package (python-hyperkitty) Fails To Install in Fedora 36: can't install hyperkitty: - nothing provides python3.10dist(flufl-lock) >= 4 needed by hyperkitty-1.3.5-1.fc36.noarch - nothing provides python3.10dist(mistune) >= 2~rc1 needed by hyperkitty-1.3.5-1.fc36.noarch If you know about this problem and are planning on fixing it, please acknowledge so by setting the bug status to ASSIGNED. If you don't have time to maintain this package, consider orphaning it, so maintainers of dependent packages realize the problem. If you don't react accordingly to the policy for FTBFS/FTI bugs (https://docs.fedoraproject.org/en-US/fesco/Fails_to_build_from_source_Fails…), your package may be orphaned in 8+ weeks. P.S. The data was generated solely from koji buildroot, so it might be newer than the latest compose or the content on mirrors. P.P.S. If this bug has been reported in the middle of upgrading multiple dependent packages, please consider using side tags: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/#updating-inter-d… Thanks! Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1992487 [Bug 1992487] Fedora 36 Fails To install Tracker -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2032607

1 7

[Bug 2042511] New: CVE-2022-22815 python-pillow: improperly initializes ImagePath.Path in path_getbbox() in path.c
by bugzilla＠redhat.com 05 May '22

05 May '22

https://bugzilla.redhat.com/show_bug.cgi?id=2042511 Bug ID: 2042511 Summary: CVE-2022-22815 python-pillow: improperly initializes ImagePath.Path in path_getbbox() in path.c Product: Security Response Hardware: All OS: Linux Status: NEW Component: vulnerability Keywords: Security Severity: medium Priority: medium Assignee: security-response-team(a)redhat.com Reporter: gsuckevi(a)redhat.com CC: bdettelb(a)redhat.com, cstratak(a)redhat.com, epel-packagers-sig(a)lists.fedoraproject.org, infra-sig(a)lists.fedoraproject.org, manisandro(a)gmail.com, miminar(a)redhat.com, orion(a)nwra.com, python-maint(a)redhat.com, python-sig(a)lists.fedoraproject.org, torsava(a)redhat.com Target Milestone: --- Classification: Other path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path. References: https://github.com/python-pillow/Pillow/blob/c5d9223a8b5e9295d15b5a9b1ef1da… https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#fixed-image… -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2042511

1 18

[Bug 2046014] New: python-tmuxp: FTBFS in Fedora Rawhide
by bugzilla＠redhat.com 26 Mar '22

26 Mar '22

https://bugzilla.redhat.com/show_bug.cgi?id=2046014 Bug ID: 2046014 Summary: python-tmuxp: FTBFS in Fedora Rawhide Product: Fedora Version: rawhide URL: https://koschei.fedoraproject.org/package/python-tmuxp Status: NEW Component: python-tmuxp Assignee: igor.raits(a)gmail.com Reporter: thrnciar(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, igor.raits(a)gmail.com Blocks: 1992484 (F36FTBFS), 2016048 (PYTHON3.11) Target Milestone: --- Classification: Fedora Description of problem: Package python-tmuxp fails to build from source in Fedora Rawhide. Version-Release number of selected component (if applicable): 1.9.2-1.fc35 Steps to Reproduce: koji build --scratch f36 python-tmuxp-1.9.2-1.fc35.src.rpm Additional info: This package is tracked by Koschei. See: https://koschei.fedoraproject.org/package/python-tmuxp Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1992484 [Bug 1992484] Fedora 36 FTBFS Tracker https://bugzilla.redhat.com/show_bug.cgi?id=2016048 [Bug 2016048] Python 3.11 -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2046014

1 4

[Bug 2042527] New: CVE-2022-22817 python-pillow: PIL.ImageMath.eval allows evaluation of arbitrary expressions
by bugzilla＠redhat.com 02 Mar '22

02 Mar '22

https://bugzilla.redhat.com/show_bug.cgi?id=2042527 Bug ID: 2042527 Summary: CVE-2022-22817 python-pillow: PIL.ImageMath.eval allows evaluation of arbitrary expressions Product: Security Response Hardware: All OS: Linux Status: NEW Component: vulnerability Keywords: Security Severity: high Priority: high Assignee: security-response-team(a)redhat.com Reporter: gsuckevi(a)redhat.com CC: bdettelb(a)redhat.com, cstratak(a)redhat.com, epel-packagers-sig(a)lists.fedoraproject.org, infra-sig(a)lists.fedoraproject.org, manisandro(a)gmail.com, miminar(a)redhat.com, orion(a)nwra.com, python-maint(a)redhat.com, python-sig(a)lists.fedoraproject.org, torsava(a)redhat.com Target Milestone: --- Classification: Other PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method. Reference: https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#restrict-bu… -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2042527

1 22

[Bug 2042522] New: CVE-2022-22816 python-pillow: buffer over-read during initialization of ImagePath.Path in path_getbbox() in path.c
by bugzilla＠redhat.com 02 Mar '22

02 Mar '22

https://bugzilla.redhat.com/show_bug.cgi?id=2042522 Bug ID: 2042522 Summary: CVE-2022-22816 python-pillow: buffer over-read during initialization of ImagePath.Path in path_getbbox() in path.c Product: Security Response Hardware: All OS: Linux Status: NEW Component: vulnerability Keywords: Security Severity: high Priority: high Assignee: security-response-team(a)redhat.com Reporter: gsuckevi(a)redhat.com CC: bdettelb(a)redhat.com, cstratak(a)redhat.com, epel-packagers-sig(a)lists.fedoraproject.org, infra-sig(a)lists.fedoraproject.org, manisandro(a)gmail.com, miminar(a)redhat.com, orion(a)nwra.com, python-maint(a)redhat.com, python-sig(a)lists.fedoraproject.org, torsava(a)redhat.com Target Milestone: --- Classification: Other path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path. References: https://github.com/python-pillow/Pillow/blob/c5d9223a8b5e9295d15b5a9b1ef1da… https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#fixed-image… -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2042522

1 21

[Bug 2048817] New: Branch and build proxychains-ng for EPEL 9
by bugzilla＠redhat.com 09 Feb '22

09 Feb '22

https://bugzilla.redhat.com/show_bug.cgi?id=2048817 Bug ID: 2048817 Summary: Branch and build proxychains-ng for EPEL 9 Product: Fedora EPEL Version: epel9 Status: NEW Component: proxychains-ng Assignee: michel(a)michel-slm.name Reporter: michel(a)michel-slm.name QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, michel(a)michel-slm.name, mtasaka(a)tbz.t-com.ne.jp, pranav913(a)gmail.com Target Milestone: --- Classification: Fedora Because why not -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2048817

1 13

[Bug 2044459] New: proxychains-ng-4.16 is available
by bugzilla＠redhat.com 09 Feb '22

09 Feb '22

https://bugzilla.redhat.com/show_bug.cgi?id=2044459 Bug ID: 2044459 Summary: proxychains-ng-4.16 is available Product: Fedora Version: rawhide Status: NEW Component: proxychains-ng Keywords: FutureFeature, Triaged Assignee: pranav913(a)gmail.com Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, michel(a)michel-slm.name, mtasaka(a)tbz.t-com.ne.jp, pranav913(a)gmail.com Target Milestone: --- Classification: Fedora Latest upstream release: 4.16 Current version/release in rawhide: 4.15-1.fc35 URL: https://github.com/rofl0r/proxychains-ng Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/6499/ -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2044459

1 18

[Bug 2047002] New: sedutil: FTBFS in Fedora rawhide/f36
by bugzilla＠redhat.com 07 Feb '22

07 Feb '22

https://bugzilla.redhat.com/show_bug.cgi?id=2047002 Bug ID: 2047002 Summary: sedutil: FTBFS in Fedora rawhide/f36 Product: Fedora Version: rawhide Status: NEW Component: sedutil Assignee: cra(a)fea.st Reporter: releng(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: cra(a)fea.st, epel-packagers-sig(a)lists.fedoraproject.org, filbranden(a)gmail.com Blocks: 1992484 (F36FTBFS) Target Milestone: --- Classification: Fedora sedutil failed to build from source in Fedora rawhide/f36 https://koji.fedoraproject.org/koji/taskinfo?taskID=81986475 For details on the mass rebuild see: https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild Please fix sedutil at your earliest convenience and set the bug's status to ASSIGNED when you start fixing it. If the bug remains in NEW state for 8 weeks, sedutil will be orphaned. Before branching of Fedora 37, sedutil will be retired, if it still fails to build. For more details on the FTBFS policy, please visit: https://docs.fedoraproject.org/en-US/fesco/Fails_to_build_from_source_Fails… Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1992484 [Bug 1992484] Fedora 36 FTBFS Tracker -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2047002

1 5

[Bug 2042530] New: CVE-2022-22817 python-pillow: PIL.ImageMath.eval allows evaluation of arbitrary expressions [fedora-all]
by bugzilla＠redhat.com 03 Feb '22

03 Feb '22

https://bugzilla.redhat.com/show_bug.cgi?id=2042530 Bug ID: 2042530 Summary: CVE-2022-22817 python-pillow: PIL.ImageMath.eval allows evaluation of arbitrary expressions [fedora-all] Product: Fedora Version: 35 Status: NEW Component: python-pillow Keywords: Security, SecurityTracking Severity: high Priority: high Assignee: manisandro(a)gmail.com Reporter: gsuckevi(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: epel-packagers-sig(a)lists.fedoraproject.org, infra-sig(a)lists.fedoraproject.org, manisandro(a)gmail.com, miminar(a)redhat.com, python-sig(a)lists.fedoraproject.org Target Milestone: --- Classification: Fedora This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of fedora-all. For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When submitting as an update, use the fedpkg template provided in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs. Please also mention the CVE IDs being fixed in the RPM changelog and the fedpkg commit message. NOTE: this issue affects multiple supported versions of Fedora. While only one tracking bug has been filed, please correct all affected versions at the same time. If you need to fix the versions independent of each other, you may clone this bug as appropriate. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2042530

1 8

2024

2023

2022

2021

Epel-packagers-sig January 2022