java-sig-commits October 2015

java-sig-commits@lists.fedoraproject.org

4 participants
245 discussions

[Bug 652183] Java SIG tracker bug
by Red Hat Bugzilla 01 Oct '15

01 Oct '15

https://bugzilla.redhat.com/show_bug.cgi?id=652183 gil cattaneo <puntogil(a)libero.it> changed: What |Removed |Added ---------------------------------------------------------------------------- Depends On|1261019 | Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1261019 [Bug 1261019] Review Request: opennlp - A machine learning based toolkit for the processing of natural language text -- You are receiving this mail because: You are the QA Contact for the bug. You are the assignee for the bug.

1 0

[Bug 652183] Java SIG tracker bug
by Red Hat Bugzilla 01 Oct '15

01 Oct '15

https://bugzilla.redhat.com/show_bug.cgi?id=652183 gil cattaneo <puntogil(a)libero.it> changed: What |Removed |Added ---------------------------------------------------------------------------- Depends On|1262157 | Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1262157 [Bug 1262157] Review Request: jackcess-encrypt - Java implementation of the encryption service for MS Access -- You are receiving this mail because: You are the QA Contact for the bug. You are the assignee for the bug.

1 0

[Bug 1261538] New: CVE-2015-5262 jakarta-commons-httpclient, httpcomponents-core: missing HTTPS connection timeout
by Red Hat Bugzilla 01 Oct '15

01 Oct '15

https://bugzilla.redhat.com/show_bug.cgi?id=1261538 Bug ID: 1261538 Summary: CVE-2015-5262 jakarta-commons-httpclient, httpcomponents-core: missing HTTPS connection timeout Product: Security Response Component: vulnerability Keywords: Security Severity: low Priority: low Assignee: security-response-team(a)redhat.com Reporter: fweimer(a)redhat.com CC: david(a)gnsa.us, java-maint(a)redhat.com, java-sig-commits(a)lists.fedoraproject.org, jerboaa(a)gmail.com, krzysztof.daniel(a)gmail.com, mizdebsk(a)redhat.com, msimacek(a)redhat.com, msrb(a)redhat.com, pcheung(a)redhat.com It was discovered that Apache HttpClient did not apply a configured connection or read timeout during the initial handshake of an HTTPS connection. As a result, HTTPS connection could get stuck, causing a denial of service if multiple such connections accumulate. -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=8dau1uPcUr&a=cc_unsubscribe _______________________________________________ java-sig-commits mailing list java-sig-commits(a)lists.fedoraproject.org http://lists.fedoraproject.org/postorius/java-sig-commits@lists.fedoraproje…

1 13

[Bug 1262207] New: CVE-2015-5262 jakarta-commons-httpclient: jakarta-commons-httpclient, httpcomponents-core: missing HTTPS connection timeout [fedora-all]
by Red Hat Bugzilla 01 Oct '15

01 Oct '15

https://bugzilla.redhat.com/show_bug.cgi?id=1262207 Bug ID: 1262207 Summary: CVE-2015-5262 jakarta-commons-httpclient: jakarta-commons-httpclient, httpcomponents-core: missing HTTPS connection timeout [fedora-all] Product: Fedora Version: 22 Component: jakarta-commons-httpclient Keywords: Security, SecurityTracking Severity: low Priority: low Assignee: mizdebsk(a)redhat.com Reporter: fweimer(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: david(a)gnsa.us, java-sig-commits(a)lists.fedoraproject.org, mizdebsk(a)redhat.com, msimacek(a)redhat.com, msrb(a)redhat.com Blocks: 1261538 (CVE-2015-5262) This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of Fedora. For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When submitting as an update, use the fedpkg template provided in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs. Please also mention the CVE IDs being fixed in the RPM changelog and the fedpkg commit message. NOTE: this issue affects multiple supported versions of Fedora. While only one tracking bug has been filed, please correct all affected versions at the same time. If you need to fix the versions independent of each other, you may clone this bug as appropriate. [bug automatically created by: add-tracking-bugs] Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1261538 [Bug 1261538] CVE-2015-5262 jakarta-commons-httpclient, httpcomponents-core: missing HTTPS connection timeout -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=wLn0S3rta8&a=cc_unsubscribe _______________________________________________ java-sig-commits mailing list java-sig-commits(a)lists.fedoraproject.org http://lists.fedoraproject.org/postorius/java-sig-commits@lists.fedoraproje…

1 4

[Bug 1215061] New: springframework-batch-2.2.7.RELEASE is available
by Red Hat Bugzilla 01 Oct '15

01 Oct '15

https://bugzilla.redhat.com/show_bug.cgi?id=1215061 Bug ID: 1215061 Summary: springframework-batch-2.2.7.RELEASE is available Product: Fedora Version: rawhide Component: springframework-batch Assignee: puntogil(a)libero.it Reporter: puntogil(a)libero.it QA Contact: extras-qa(a)fedoraproject.org CC: java-sig-commits(a)lists.fedoraproject.org, msrb(a)redhat.com, puntogil(a)libero.it Latest upstream release: 2.2.7.RELEASE Current version/release in Fedora Rawhide: 2.1.9-3.fc23 URL: https://github.com/spring-projects/spring-batch/tags Please, consider upgrading Additional info: some build deps are not free: org.springframework.data:spring-data-neo4j org.springframework.data:spring-data-gemfire some build deps are still not available org.springframework.data:spring-data-commons org.springframework.data:spring-data-mongodb (https://bugzilla.redhat.com/show_bug.cgi?id=1178257) -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=age15Afo6i&a=cc_unsubscribe

1 20

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

java-sig-commits October 2015