https://bugzilla.redhat.com/show_bug.cgi?id=1660117
Bug ID: 1660117
Summary: apache-commons-logging: Please rebuild to drop
javapackages-tools dependency
Product: Fedora
Version: 29
Status: NEW
Component: apache-commons-logging
Assignee: mizdebsk(a)redhat.com
Reporter: fweimer(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: java-sig-commits(a)lists.fedoraproject.org,
jerboaa(a)gmail.com, mizdebsk(a)redhat.com,
sochotni(a)redhat.com, SpikeFedora(a)gmail.com
Target Milestone: ---
Classification: Fedora
apache-commons-logging-1.2-14.fc29.noarch depends on javapackages-tools, which
pools in OpenJDK 8 indirectly. A rebuild will change that and switch to the
javapackages-filesystem dependency, avoiding the potentially wasteful
installation of OpenJDK 8.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1620342
--- Comment #3 from Jason Shepherd <jshepherd(a)redhat.com> ---
OpenShift Container Platform 3.11 shipped with version 2.121.3 of Jenkins, so
it was never affected by this issue.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1647060
Andrej Nemec <anemec(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Summary|CVE-2018-1000865 |CVE-2018-1000865
|jenkins-script-security-plu |CVE-2018-1000866
|gin: |jenkins-script-security-plu
|jenkins-plugin-script-secur |gin:
|ity: Sandbox Bypass in |jenkins-plugin-script-secur
|finalize methods |ity: Sandbox Bypass in
|[fedora-all] |finalize methods
| |[fedora-all]
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1647059
Andrej Nemec <anemec(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Summary|CVE-2018-1000865 |CVE-2018-1000865
|jenkins-plugin-script-secur |CVE-2018-1000866
|ity: Sandbox Bypass in |jenkins-plugin-script-secur
|finalize methods |ity: Sandbox Bypass in
| |finalize methods
Alias| |CVE-2018-1000866
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1647060
Andrej Nemec <anemec(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Summary|jenkins-script-security-plu |CVE-2018-1000865
|gin: |jenkins-script-security-plu
|jenkins-plugin-script-secur |gin:
|ity: Sandbox Bypass in |jenkins-plugin-script-secur
|finalize methods |ity: Sandbox Bypass in
|[fedora-all] |finalize methods
| |[fedora-all]
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1647059
Andrej Nemec <anemec(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Summary|jenkins-plugin-script-secur |CVE-2018-1000865
|ity: Sandbox Bypass in |jenkins-plugin-script-secur
|finalize methods |ity: Sandbox Bypass in
| |finalize methods
Alias| |CVE-2018-1000865
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1604756
Fedora Update System <updates(a)fedoraproject.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |CLOSED
Fixed In Version| |lucene3-3.6.2-15.fc29
Resolution|--- |ERRATA
Last Closed| |2018-12-18 03:05:20
--- Comment #5 from Fedora Update System <updates(a)fedoraproject.org> ---
lucene3-3.6.2-15.fc29 has been pushed to the Fedora 29 stable repository. If
problems still persist, please make note of it in this bug report.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1602975
Fedora Update System <updates(a)fedoraproject.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|MODIFIED |CLOSED
Fixed In Version| |jetty-9.4.14-1.v20181114.fc
| |29
Resolution|--- |ERRATA
Last Closed| |2018-12-16 04:22:14
--- Comment #5 from Fedora Update System <updates(a)fedoraproject.org> ---
ecj-4.10-1.fc29, eclipse-4.10.0-1.fc29, eclipse-abrt-0.0.3-7.fc29,
eclipse-dtp-1.14.102-2.fc29, eclipse-ecf-3.14.4-1.fc29,
eclipse-emf-2.16.0-1.fc29, eclipse-epp-logging-2.0.7-5.fc29,
eclipse-launchbar-2.2.2-1.fc29, eclipse-linuxtools-7.1.0-1.fc29,
eclipse-m2e-core-1.10.0-1.fc29, eclipse-m2e-wtp-1.4.1-1.fc29,
eclipse-mpc-1.7.3-1.fc29, eclipse-pdt-6.2.0-1.fc29,
eclipse-photran-9.2.1-1.fc29, eclipse-ptp-9.2.1-1.fc29,
eclipse-testng-6.14.0-6.fc29, glassfish-jaxb-api-2.2.12-10.fc29,
icu4j-63.1-1.fc29, jetty-9.4.14-1.v20181114.fc29, jnr-constants-0.9.12-1.fc29,
jnr-enxio-0.19-1.fc29, jnr-ffi-2.1.8-1.fc29, jnr-posix-3.0.47-1.fc29,
jnr-unixsocket-0.21-1.fc29 has been pushed to the Fedora 29 stable repository.
If problems still persist, please make note of it in this bug report.
--
You are receiving this mail because:
You are on the CC list for the bug.