https://bugzilla.redhat.com/show_bug.cgi?id=1500288
Bug ID: 1500288
Summary: jpackage utils requires java-1.8.0-openjdk
Product: Fedora
Version: 27
Component: jpackage-utils
Assignee: extras-orphan(a)fedoraproject.org
Reporter: jvanek(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: akurtako(a)redhat.com, extras-orphan(a)fedoraproject.org,
java-sig-commits(a)lists.fedoraproject.org,
jerboaa(a)gmail.com, msrb(a)redhat.com,
sochotni(a)redhat.com
Description of problem:
jpackage utils requires java-1.8.0-openjdk
Version-Release number of selected component (if applicable):
f27+
How reproducible:
Consider system java settings for f27:
https://fedoraproject.org/wiki/Releases/27/ChangeSet#Decouple_system_java_s…
Which brought java-1.8.0-openjdk as dependence to jpackage-tools.
As side effect
- java-1.8.0-openjdk and jpackage-tools are now circular dependences.
- java-1.8.0-openjdk-aarch32 now pulls in java-1.8.0-openjdk
- that successfully kills usage of java-1.8.0-openjdk-aarch32 in buildroot,
as you can not change alternatives
Now consider jdk9 in f27:
https://fedoraproject.org/wiki/Releases/27/ChangeSet#Java_9
the side kick is same as for jdk8-aarch32. Installation of java-9-openjdk
(which rewuires jpackage tools) will pull in java8. It kills jdk9 in buildroot,
and making the life of possible jdk9 user very uncomfortable.
Actual results:
Installation of jdk8-aarch32 or jdk9 is bringing jdk8 as transitional
dependence.
Expected results:
Installation of jdk8-aarch32 or jdk9 will not bring jdk8 as transitional
dependence.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1523102
Bug ID: 1523102
Summary: google-guice 4.1-8 breaks Xtext
Product: Fedora
Version: 27
Component: google-guice
Assignee: mizdebsk(a)redhat.com
Reporter: ugilio(a)gmail.com
QA Contact: extras-qa(a)fedoraproject.org
CC: java-sig-commits(a)lists.fedoraproject.org,
mizdebsk(a)redhat.com, msimacek(a)redhat.com,
sochotni(a)redhat.com
Created attachment 1364112
--> https://bugzilla.redhat.com/attachment.cgi?id=1364112&action=edit
The stack trace in the Eclipse console
Description of problem:
After the update from 4.1-7 to 4.1-8, recent Xtext versions (tried with 2.12.0
and 2.13.0) don't work anymore (java.lang.NoClassDefFoundError:
net/sf/cglib/core/CodeGenerationException).
Tested on both fedora 26 and 27.
(Sorry for not having reported it earlier, I thought the problem was on my
side, I was in a hurry and I simply downgraded guice to 4.1-7...)
Version-Release number of selected component (if applicable):
4.1-8
How reproducible:
Always
Steps to Reproduce:
1. Start eclipse
2. Install Xtext complete SDK from update site:
http://download.eclipse.org/modeling/tmf/xtext/updates/composite/releases/
3. After restarting Eclipse, create a New Xtext Project and accept all defaults
4. In the newly-generated MyDsl.xtext right click and select "Generate Xtext
Artifacts"
Actual results:
No artifact is generated. In the console:
[main] ERROR mf.mwe2.launch.runtime.Mwe2Launcher -
com.google.common.util.concurrent.ExecutionError:
java.lang.NoClassDefFoundError: net/sf/cglib/core/CodeGenerationException
...
Expected results:
No error occurs, the artifacts are generated.
Additional info:
- I'm using default java-1.8.0-openjdk-1.8.0.151-1.b12.fc27.x86_64
- google-guice 4.1-7 works fine
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1542899
Bug ID: 1542899
Summary: Task failure with ant and JAXB's xjc
Product: Fedora
Version: 27
Component: ant
Assignee: msimacek(a)redhat.com
Reporter: peterhull90(a)gmail.com
QA Contact: extras-qa(a)fedoraproject.org
CC: akurtako(a)redhat.com, jaromir.capik(a)email.cz,
java-sig-commits(a)lists.fedoraproject.org,
krzysztof.daniel(a)gmail.com, mizdebsk(a)redhat.com,
msimacek(a)redhat.com, msrb(a)redhat.com
Created attachment 1392587
--> https://bugzilla.redhat.com/attachment.cgi?id=1392587&action=edit
Ant build script
Description of problem:
Running the JAXB xjc task in ant appears to make ant fail at a later stage with
classpath problems. The xjc task itself seems to finish correctly.
The background to this is trying to build Netbeans on Fedora 27 fails and I
have done some work to narrow down Netbeans build script (which is very
large/complicated) to this aspect.
See https://issues.apache.org/jira/browse/NETBEANS-239 and
http://mail-archives.apache.org/mod_mbox/incubator-netbeans-dev/201801.mbox…
However setting the ANT_HOME explicitly makes this bug disappear.
I believe I have set up the xjc task correctly to run with Fedora's
glassfish-jaxb packages.
Version-Release number of selected component (if applicable):
ant.noarch 1.10.1-7.fc27 @fedora
ant-lib.noarch 1.10.1-7.fc27 @fedora
glassfish-jaxb.noarch 2.2.11-6.fc27 @fedora
glassfish-jaxb-api.noarch 2.2.12-7.fc27 @fedora
glassfish-jaxb-bom.noarch 2.2.11-6.fc27 @fedora
glassfish-jaxb-bom-ext.noarch 2.2.11-6.fc27 @fedora
glassfish-jaxb-codemodel.noarch 2.2.11-6.fc27 @fedora
glassfish-jaxb-codemodel-annotation-compiler.noarch
glassfish-jaxb-codemodel-parent.noarch 2.2.11-6.fc27 @fedora
glassfish-jaxb-core.noarch 2.2.11-6.fc27 @fedora
glassfish-jaxb-external-parent.noarch 2.2.11-6.fc27 @fedora
glassfish-jaxb-jxc.noarch 2.2.11-6.fc27 @fedora
glassfish-jaxb-parent.noarch 2.2.11-6.fc27 @fedora
glassfish-jaxb-rngom.noarch 2.2.11-6.fc27 @fedora
glassfish-jaxb-runtime.noarch 2.2.11-6.fc27 @fedora
glassfish-jaxb-runtime-parent.noarch 2.2.11-6.fc27 @fedora
glassfish-jaxb-txw-parent.noarch 2.2.11-6.fc27 @fedora
glassfish-jaxb-txw2.noarch 2.2.11-6.fc27 @fedora
glassfish-jaxb-txwc2.noarch 2.2.11-6.fc27 @fedora
glassfish-jaxb-xjc.noarch 2.2.11-6.fc27 @fedora
glassfish-jaxb1-impl.noarch 2.2.11-6.fc27 @fedora
java-1.8.0-openjdk.x86_64 1:1.8.0.161-0.b14.fc27
@updates
java-1.8.0-openjdk-devel.x86_64 1:1.8.0.161-0.b14.fc27
@updates
java-1.8.0-openjdk-headless.x86_64 1:1.8.0.161-0.b14.fc27
@updates
How reproducible:
Always
Steps to Reproduce:
1. Use attached build.xml and test.xsd
2. Run ant
3. See error message
Note this is a minimal build.xml and test.xsd to cause the problem to appear.
Actual results:
build succeeds
Expected results:
Build fails,
$ ant
Buildfile: .../build.xml
fail:
[xjc] Consider using <depends>/<produces> so that XJC won't do
unnecessary compilation
[xjc] Compiling file:.../test.xsd
[xjc] Writing output to .
Caught an exception while logging the end of the build. Exception was:
java.lang.NoClassDefFoundError: org/apache/tools/ant/util/DateUtils
at
org.apache.tools.ant.DefaultLogger.formatTime(DefaultLogger.java:328)
at
org.apache.tools.ant.DefaultLogger.buildFinished(DefaultLogger.java:177)
at org.apache.tools.ant.Project.fireBuildFinished(Project.java:2110)
at org.apache.tools.ant.Main.runBuild(Main.java:878)
at org.apache.tools.ant.Main.startAnt(Main.java:236)
at org.apache.tools.ant.launch.Launcher.run(Launcher.java:287)
at org.apache.tools.ant.launch.Launcher.main(Launcher.java:113)
Caused by: java.lang.ClassNotFoundException:
org.apache.tools.ant.util.DateUtils
at java.net.URLClassLoader.findClass(URLClassLoader.java:381)
at java.lang.ClassLoader.loadClass(ClassLoader.java:424)
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:338)
at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
Additional info:
This succeeds:
$ ANT_HOME=/usr/share/ant/ ant
Buildfile: .../build.xml
fail:
[xjc] Consider using <depends>/<produces> so that XJC won't do
unnecessary compilation
[xjc] Compiling file:.../test.xsd
[xjc] Writing output to .
BUILD SUCCESSFUL
Total time: 1 second
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1439284
Bug ID: 1439284
Summary: Jenkins is build with dom4j 1.6.1-27 but 2.0.0-1 is
installed
Product: Fedora
Version: rawhide
Component: jenkins
Severity: urgent
Assignee: msrb(a)redhat.com
Reporter: dhill(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: java-sig-commits(a)lists.fedoraproject.org,
mizdebsk(a)redhat.com, msrb(a)redhat.com
Description of problem:
Jenkins is build with dom4j 1.6.1-27 but 2.0.0-1 is installed
Version-Release number of selected component (if applicable):
How reproducible:
Always
Steps to Reproduce:
1. Update to latest dom4j
2.
3.
Actual results:
Breaks jenkins
Expected results:
Doesn't break jenkins.
Additional info:
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1451202
Bug ID: 1451202
Summary: Please add logrotate file to Jenkins
Product: Fedora
Version: rawhide
Component: jenkins
Severity: low
Assignee: msrb(a)redhat.com
Reporter: metonymy(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: java-sig-commits(a)lists.fedoraproject.org,
mizdebsk(a)redhat.com, msrb(a)redhat.com
Please add the logrotate from ansible to the jenkins package.
For details see: https://pagure.io/fedora-infrastructure/issue/6010
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1468722
Bug ID: 1468722
Summary: Latest jenkins update breaks jenkins startup
Product: Fedora
Version: rawhide
Component: jenkins
Severity: low
Assignee: msrb(a)redhat.com
Reporter: dhill(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: java-sig-commits(a)lists.fedoraproject.org,
mizdebsk(a)redhat.com, msrb(a)redhat.com
Description of problem:
Latest jenkins update breaks jenkins startup and deleting the broken symlink
/usr/share/jenkins/webroot/WEB-INF/lib/jnr-posix.jar solves the issue:
java.io.FileNotFoundException:
/usr/share/jenkins/webroot/WEB-INF/lib/jnr-posix.jar (No such file or
directory)
at java.io.FileInputStream.open0(Native Method)
at java.io.FileInputStream.open(FileInputStream.java:195)
at java.io.FileInputStream.<init>(FileInputStream.java:138)
at
org.eclipse.jetty.util.resource.FileResource.getInputStream(FileResource.java:286)
at org.eclipse.jetty.webapp.JarScanner.matched(JarScanner.java:151)
at
org.eclipse.jetty.util.PatternMatcher.matchPatterns(PatternMatcher.java:100)
at org.eclipse.jetty.util.PatternMatcher.match(PatternMatcher.java:82)
at org.eclipse.jetty.webapp.JarScanner.scan(JarScanner.java:84)
at
org.eclipse.jetty.webapp.MetaInfConfiguration.preConfigure(MetaInfConfiguration.java:84)
at
org.eclipse.jetty.webapp.WebAppContext.preConfigure(WebAppContext.java:457)
at
winstone.HostConfiguration$1.preConfigure(HostConfiguration.java:166)
at
org.eclipse.jetty.webapp.WebAppContext.doStart(WebAppContext.java:493)
at
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64)
at
org.eclipse.jetty.server.handler.HandlerWrapper.doStart(HandlerWrapper.java:95)
at org.eclipse.jetty.server.Server.doStart(Server.java:282)
at
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64)
at winstone.Launcher.<init>(Launcher.java:152)
at winstone.Launcher.main(Launcher.java:352)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at Main._main(Main.java:290)
at Main.main(Main.java:104)
Version-Release number of selected component (if applicable):
How reproducible:
Don't know
Steps to Reproduce:
1. Update
2.
3.
Actual results:
Jenkins didn't restart
Expected results:
Jenkins should restart
Additional info:
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1630088
Bug ID: 1630088
Summary: zookeeper: Remove (sub)packages from Fedora 30+:
python2-zookeeper
Product: Fedora
Version: rawhide
Component: zookeeper
Assignee: tstclair(a)heptio.com
Reporter: mhroncok(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: cstratak(a)redhat.com, ctubbsii(a)fedoraproject.org,
i.gnatenko.brain(a)gmail.com,
java-sig-commits(a)lists.fedoraproject.org,
mhroncok(a)redhat.com, mluscon(a)gmail.com,
ngompa13(a)gmail.com, pviktori(a)redhat.com, s(a)shk.io,
tstclair(a)heptio.com, zbyszek(a)in.waw.pl
Blocks: 1625773 (PY2REMOVAL)
In line with the Mass Python 2 Package Removal [0], the following (sub)packages
of zookeeper were marked for removal:
* python2-zookeeper
According to our query, those (sub)packages only provide a Python 2 importable
module. If this is not true, please tell us why, so we can fix our query.
Please remove them from your package.
As said in the change document, if there is no objection in a week, we will
remove the package(s) as soon as we get to it. This change might not match your
packaging style, so we'd prefer if you did the change. If you need more time,
please let us know here.
We hope this doesn't come to you as a surprise. If you want to know our
motivation for this, please read the change document [0].
[0] https://fedoraproject.org/wiki/Changes/Mass_Python_2_Package_Removal
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1625773
[Bug 1625773] Mass Python 2 Package Removal
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1444418
Bug ID: 1444418
Summary: CVE-2017-3586 CVE-2017-3589 mysql-connector-java:
various flaws [fedora-all]
Product: Fedora
Version: 25
Component: mysql-connector-java
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Assignee: puntogil(a)libero.it
Reporter: amaris(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: hhorak(a)redhat.com,
java-sig-commits(a)lists.fedoraproject.org,
puntogil(a)libero.it, xjakub(a)fi.muni.cz
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora. While only
one tracking bug has been filed, please correct all affected versions at
the same time. If you need to fix the versions independent of each other,
you may clone this bug as appropriate.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1632452
Bug ID: 1632452
Summary: CVE-2018-3831 elasticsearch: Information exposure via
_cluster/settings API
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: psampaio(a)redhat.com
CC: ahardin(a)redhat.com, alazarot(a)redhat.com,
anstephe(a)redhat.com, apevec(a)redhat.com,
bbuckingham(a)redhat.com, bcourt(a)redhat.com,
bkearney(a)redhat.com, bleanhar(a)redhat.com,
bobjensen(a)gmail.com, cbillett(a)redhat.com,
ccoleman(a)redhat.com, chrisw(a)redhat.com,
dedgar(a)redhat.com, emmanuel(a)seyman.fr,
eparis(a)redhat.com, etirelli(a)redhat.com,
hghasemb(a)redhat.com, ibek(a)redhat.com,
java-sig-commits(a)lists.fedoraproject.org,
jgoulding(a)redhat.com, jjoyce(a)redhat.com,
jokerman(a)redhat.com, jschluet(a)redhat.com,
jvanek(a)redhat.com, kbasil(a)redhat.com,
krathod(a)redhat.com, kverlaen(a)redhat.com,
lhh(a)redhat.com, lpeer(a)redhat.com, lpetrovi(a)redhat.com,
markmc(a)redhat.com, mburns(a)redhat.com,
mchappel(a)redhat.com, mmagr(a)redhat.com,
mmccune(a)redhat.com, mrike(a)redhat.com,
ohadlevy(a)redhat.com, pahan(a)hubbitus.info,
paradhya(a)redhat.com, pszubiak(a)redhat.com,
rbryant(a)redhat.com, rchan(a)redhat.com,
rjerrido(a)redhat.com, rrajasek(a)redhat.com,
rsynek(a)redhat.com, rzhang(a)redhat.com,
sclewis(a)redhat.com, sdaley(a)redhat.com,
slinaber(a)redhat.com, tdecacqu(a)redhat.com,
tjay(a)redhat.com, tomckay(a)redhat.com, zbyszek(a)in.waw.pl
Elasticsearch Alerting and Monitoring in versions before 6.4.1 or 5.6.12 have
an information disclosure issue when secrets are configured via the API. The
Elasticsearch _cluster/settings API, when queried, could leak sensitive
configuration information such as passwords, tokens, or usernames. This could
allow an authenticated Elasticsearch user to improperly view these details.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1515065
Bug ID: 1515065
Summary: jenkins: Arbitrary shell command execution on master
by users with Agent-related permissions (SECURITY-478)
[fedora-all]
Product: Fedora
Version: 27
Component: jenkins
Keywords: Security, SecurityTracking
Severity: high
Priority: high
Assignee: msrb(a)redhat.com
Reporter: mknowles(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: java-sig-commits(a)lists.fedoraproject.org,
mizdebsk(a)redhat.com, msrb(a)redhat.com
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora. While only
one tracking bug has been filed, please correct all affected versions at
the same time. If you need to fix the versions independent of each other,
you may clone this bug as appropriate.
--
You are receiving this mail because:
You are on the CC list for the bug.