https://bugzilla.redhat.com/show_bug.cgi?id=652183
Bug 652183 depends on bug 1359246, which changed state.
Bug 1359246 Summary: Review Request: netty41 - An asynchronous event-driven network application framework and tools for Java
https://bugzilla.redhat.com/show_bug.cgi?id=1359246
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |CLOSED
Resolution|--- |CURRENTRELEASE
--
You are receiving this mail because:
You are the QA Contact for the bug.
You are the assignee for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=652183
Bug 652183 depends on bug 1655697, which changed state.
Bug 1655697 Summary: Review Request: byte-buddy - Runtime code generation for the Java virtual machine
https://bugzilla.redhat.com/show_bug.cgi?id=1655697
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |CLOSED
Resolution|--- |RAWHIDE
--
You are receiving this mail because:
You are the QA Contact for the bug.
You are the assignee for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=652183
Bug 652183 depends on bug 1293694, which changed state.
Bug 1293694 Summary: Review Request: byte-buddy - Runtime code generation for the Java virtual machine
https://bugzilla.redhat.com/show_bug.cgi?id=1293694
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |CLOSED
Resolution|--- |DUPLICATE
--
You are receiving this mail because:
You are the QA Contact for the bug.
You are the assignee for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=652183
Mat Booth <mat.booth(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Depends On| |1655697
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1655697
[Bug 1655697] Review Request: byte-buddy - Runtime code generation for the
Java virtual machine
--
You are receiving this mail because:
You are the QA Contact for the bug.
You are the assignee for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1372120
Bug ID: 1372120
Summary: CVE-2016-6346 RESTEasy: Abuse of GZIPInterceptor in
RESTEasy can lead to denial of service attack
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: jshepherd(a)redhat.com
CC: aileenc(a)redhat.com, alazarot(a)redhat.com,
alee(a)redhat.com, aszczucz(a)redhat.com,
bazulay(a)redhat.com, bbaranow(a)redhat.com,
bdawidow(a)redhat.com, bkearney(a)redhat.com,
bmaxwell(a)redhat.com, bmcclain(a)redhat.com,
cbillett(a)redhat.com, cdewolf(a)redhat.com,
chazlett(a)redhat.com, csutherl(a)redhat.com,
dandread(a)redhat.com, darran.lofthouse(a)redhat.com,
dblechte(a)redhat.com, dosoudil(a)redhat.com,
eedri(a)redhat.com, epp-bugs(a)redhat.com,
etirelli(a)redhat.com, felias(a)redhat.com,
fnasser(a)redhat.com, gklein(a)redhat.com,
gvarsami(a)redhat.com, hchiorea(a)redhat.com,
hfnukal(a)redhat.com, huwang(a)redhat.com,
java-sig-commits(a)lists.fedoraproject.org,
jawilson(a)redhat.com, jboss-set(a)redhat.com,
jbpapp-maint(a)redhat.com, jcoleman(a)redhat.com,
jdg-bugs(a)redhat.com, jmatthew(a)redhat.com,
jolee(a)redhat.com, jpallich(a)redhat.com,
jshepherd(a)redhat.com, katello-bugs(a)redhat.com,
kconner(a)redhat.com, kseifried(a)redhat.com,
kverlaen(a)redhat.com, ldimaggi(a)redhat.com,
lgao(a)redhat.com, lpetrovi(a)redhat.com,
lsurette(a)redhat.com, mbaluch(a)redhat.com,
mgoldboi(a)redhat.com, mgoldman(a)redhat.com,
miburman(a)redhat.com, michal.skrivanek(a)redhat.com,
mmccune(a)redhat.com, mweiler(a)redhat.com,
mwinkler(a)redhat.com, myarboro(a)redhat.com,
nwallace(a)redhat.com, ohadlevy(a)redhat.com,
oourfali(a)redhat.com, pavelp(a)redhat.com,
pgier(a)redhat.com, pkliczew(a)redhat.com,
psakar(a)redhat.com, pslavice(a)redhat.com,
puntogil(a)libero.it, rcernich(a)redhat.com,
Rhev-m-bugs(a)redhat.com, rnetuka(a)redhat.com,
rrajasek(a)redhat.com, rsvoboda(a)redhat.com,
rwagner(a)redhat.com, rzhang(a)redhat.com,
satellite6-bugs(a)redhat.com, sherold(a)redhat.com,
soa-p-jira(a)post-office.corp.redhat.com,
spinder(a)redhat.com, tcunning(a)redhat.com,
theute(a)redhat.com, tjay(a)redhat.com, tkirby(a)redhat.com,
tlestach(a)redhat.com, tomckay(a)redhat.com,
tsanders(a)redhat.com, ttarrant(a)redhat.com,
twalsh(a)redhat.com, vhalbert(a)redhat.com,
vtunka(a)redhat.com, weli(a)redhat.com, ydary(a)redhat.com,
ykaul(a)redhat.com
It was found that GZIPInterceptor is enabled when not necessarily required in
RESTEasy. An attacker could use this flaw to launch a Denial of Service attack.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1632462
Cedric Buissart <cbuissar(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Whiteboard|impact=moderate,public=2018 |impact=moderate,public=2018
|0919,reported=20180919,sour |0919,reported=20180919,sour
|ce=cve,cvss3=7.5/CVSS:3.0/A |ce=cve,cvss3=7.5/CVSS:3.0/A
|V:N/AC:L/PR:N/UI:N/S:U/C:N/ |V:N/AC:L/PR:N/UI:N/S:U/C:N/
|I:N/A:H,cwe=CWE-776,fedora- |I:N/A:H,cwe=CWE-776,fedora-
|all/tika=affected,rhscl-3/r |all/tika=affected,rhscl-3/r
|h-eclipse46-tika=affected,f |h-eclipse46-tika=wontfix,fi
|is-2/tika-core=new,fuse-7/c |s-2/tika-core=new,fuse-7/ca
|amel-tika=new,fsw-6/tika-co |mel-tika=new,fsw-6/tika-cor
|re=new,brms-5/tika-core=new |e=new,brms-5/tika-core=new,
|,brms-6/tika-core=new,bpms- |brms-6/tika-core=new,bpms-6
|6/tika-core=new,jdv-6/tika- |/tika-core=new,jdv-6/tika-c
|core=new,rhn_satellite_5/ti |ore=new,rhn_satellite_5/tik
|ka=wontfix/impact=low |a=wontfix/impact=low
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1655502
Bug ID: 1655502
Summary: zxing-3.3.3 is available
Product: Fedora
Version: rawhide
Component: zxing
Keywords: FutureFeature, Triaged
Assignee: hegjon(a)gmail.com
Reporter: upstream-release-monitoring(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: hegjon(a)gmail.com,
java-sig-commits(a)lists.fedoraproject.org,
puntogil(a)libero.it
Latest upstream release: 3.3.3
Current version/release in rawhide: 3.2.1-8.fc29
URL: https://github.com/zxing/zxing/
Please consult the package updates policy before you issue an update to a
stable branch: https://fedoraproject.org/wiki/Updates_Policy
More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring
Please keep in mind that with any upstream change, there may also be packaging
changes that need to be made. Specifically, please remember that it is your
responsibility to review the new version to ensure that the licensing is still
correct and that no non-free or legally problematic items have been added
upstream.
Based on the information from anitya:
https://release-monitoring.org/project/7678/
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1655302
Bug ID: 1655302
Summary: snakeyaml-1.18 is available
Product: Fedora
Version: rawhide
Component: snakeyaml
Keywords: FutureFeature, Triaged
Assignee: mizdebsk(a)redhat.com
Reporter: upstream-release-monitoring(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: jaromir.capik(a)email.cz,
java-sig-commits(a)lists.fedoraproject.org,
mizdebsk(a)redhat.com, mo(a)morsi.org
Latest upstream release: 1.18
Current version/release in rawhide: 1.17-6.fc29
URL: https://bitbucket.org/asomov/snakeyaml/
Please consult the package updates policy before you issue an update to a
stable branch: https://fedoraproject.org/wiki/Updates_Policy
More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring
Please keep in mind that with any upstream change, there may also be packaging
changes that need to be made. Specifically, please remember that it is your
responsibility to review the new version to ensure that the licensing is still
correct and that no non-free or legally problematic items have been added
upstream.
Based on the information from anitya:
https://release-monitoring.org/project/4842/
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1448498
Bug ID: 1448498
Summary: apache-sshd-1.4.0 is available
Product: Fedora
Version: rawhide
Component: apache-sshd
Keywords: Rebase
Assignee: msrb(a)redhat.com
Reporter: sbonazzo(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: java-sig-commits(a)lists.fedoraproject.org,
msrb(a)redhat.com, puntogil(a)libero.it
Latest upstream release: 1.4.0
Current version/release in rawhide: 0.14.0-5.fc26
URL: www.eu.apache.org/dist/mina/sshd
Based on the information from anitya:
https://release-monitoring.org/project/15120/
Opened manually since integration with anitya and upstream release monitoring
is turned off in
https://admin.fedoraproject.org/pkgdb/package/rpms/apache-sshd/
--
You are receiving this mail because:
You are on the CC list for the bug.