[Bug 1837975] CVE-2020-10543 perl: heap-based buffer overflow in regular expression compiler leads to DoS
https://bugzilla.redhat.com/show_bug.cgi?id=1837975 --- Comment #15 from msidd...@redhat.com --- The fixes are now published in Perl versions 5.28.3 and 5.30.3. https://metacpan.org/pod/release/XSAWYERX/perl-5.28.3/pod/perldelta.pod https://metacpan.org/pod/release/XSAWYERX/perl-5.30.3/pod/perldelta.pod -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1837988] CVE-2020-10878 perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS
https://bugzilla.redhat.com/show_bug.cgi?id=1837988 --- Comment #17 from msidd...@redhat.com --- The fixes are now published in Perl versions 5.28.3 and 5.30.3. https://metacpan.org/pod/release/XSAWYERX/perl-5.28.3/pod/perldelta.pod https://metacpan.org/pod/release/XSAWYERX/perl-5.30.3/pod/perldelta.pod -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1838000] CVE-2020-12723 perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS
https://bugzilla.redhat.com/show_bug.cgi?id=1838000 --- Comment #14 from msidd...@redhat.com --- The fixes are now published in Perl versions 5.28.3 and 5.30.3. https://metacpan.org/pod/release/XSAWYERX/perl-5.28.3/pod/perldelta.pod https://metacpan.org/pod/release/XSAWYERX/perl-5.30.3/pod/perldelta.pod -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1838000] CVE-2020-12723 perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS
https://bugzilla.redhat.com/show_bug.cgi?id=1838000 msidd...@redhat.com changed: What|Removed |Added Group|security, qe_staff | CC||caillon+fedoraproject@gmail ||.com, iarn...@gmail.com, ||ka...@ucw.cz, ||mmasl...@redhat.com, ||perl-devel@lists.fedoraproj ||ect.org, ||perl-maint-l...@redhat.com, ||psab...@redhat.com, ||rhug...@redhat.com, ||sandm...@redhat.com, ||spo...@gmail.com Deadline|2020-06-02 | Summary|EMBARGOED CVE-2020-12723|CVE-2020-12723 perl: |perl: corruption of |corruption of intermediate |intermediate language state |language state of compiled |of compiled regular |regular expression due to |expression due to recursive |recursive S_study_chunk() |S_study_chunk() calls leads |calls leads to DoS |to DoS | -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1844664] CVE-2020-12723 perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1844664 --- Comment #1 from msidd...@redhat.com --- Use the following template to for the 'fedpkg update' request to submit an update for this issue as it contains the top-level parent bug(s) as well as this tracking bug. This will ensure that all associated bugs get updated when new packages are pushed to stable. = # bugfix, security, enhancement, newpackage (required) type=security # low, medium, high, urgent (required) severity=medium # testing, stable request=testing # Bug numbers: 1234,9876 bugs=1838000,1844664 # Description of your update notes=Security fix for [PUT CVEs HERE] # Enable request automation based on the stable/unstable karma thresholds autokarma=True stable_karma=3 unstable_karma=-3 # Automatically close bugs when this marked as stable close_bugs=True # Suggest that users restart after update suggest_reboot=False == Additionally, you may opt to use the bodhi web interface to submit updates: https://bodhi.fedoraproject.org/updates/new -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1844664] New: CVE-2020-12723 perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1844664 Bug ID: 1844664 Summary: CVE-2020-12723 perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS [fedora-all] Product: Fedora Version: 32 Status: NEW Component: perl Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: jples...@redhat.com Reporter: msidd...@redhat.com QA Contact: extras...@fedoraproject.org CC: caillon+fedoraproj...@gmail.com, iarn...@gmail.com, jples...@redhat.com, ka...@ucw.cz, mmasl...@redhat.com, perl-devel@lists.fedoraproject.org, ppi...@redhat.com, psab...@redhat.com, rhug...@redhat.com, sandm...@redhat.com, spo...@gmail.com Target Milestone: --- Classification: Fedora This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of fedora-all. For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When submitting as an update, use the fedpkg template provided in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs. Please also mention the CVE IDs being fixed in the RPM changelog and the fedpkg commit message. NOTE: this issue affects multiple supported versions of Fedora. While only one tracking bug has been filed, please correct all affected versions at the same time. If you need to fix the versions independent of each other, you may clone this bug as appropriate. -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1838000] CVE-2020-12723 perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS
https://bugzilla.redhat.com/show_bug.cgi?id=1838000 msidd...@redhat.com changed: What|Removed |Added Depends On||1844664 Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1844664 [Bug 1844664] CVE-2020-12723 perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS [fedora-all] -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1844664] CVE-2020-12723 perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1844664 msidd...@redhat.com changed: What|Removed |Added Blocks||1838000 (CVE-2020-12723) Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1838000 [Bug 1838000] CVE-2020-12723 perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1838000] CVE-2020-12723 perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS
https://bugzilla.redhat.com/show_bug.cgi?id=1838000 --- Comment #13 from msidd...@redhat.com --- Created perl tracking bugs for this issue: Affects: fedora-all [bug 1844664] -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1844663] New: CVE-2020-10878 perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1844663 Bug ID: 1844663 Summary: CVE-2020-10878 perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS [fedora-all] Product: Fedora Version: 32 Status: NEW Component: perl Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: jples...@redhat.com Reporter: msidd...@redhat.com QA Contact: extras...@fedoraproject.org CC: caillon+fedoraproj...@gmail.com, iarn...@gmail.com, jples...@redhat.com, ka...@ucw.cz, mmasl...@redhat.com, perl-devel@lists.fedoraproject.org, ppi...@redhat.com, psab...@redhat.com, rhug...@redhat.com, sandm...@redhat.com, spo...@gmail.com Target Milestone: --- Classification: Fedora This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of fedora-all. For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When submitting as an update, use the fedpkg template provided in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs. Please also mention the CVE IDs being fixed in the RPM changelog and the fedpkg commit message. NOTE: this issue affects multiple supported versions of Fedora. While only one tracking bug has been filed, please correct all affected versions at the same time. If you need to fix the versions independent of each other, you may clone this bug as appropriate. -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1837988] CVE-2020-10878 perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS
https://bugzilla.redhat.com/show_bug.cgi?id=1837988 msidd...@redhat.com changed: What|Removed |Added Depends On||1844663 Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1844663 [Bug 1844663] CVE-2020-10878 perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS [fedora-all] -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1844663] CVE-2020-10878 perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1844663 msidd...@redhat.com changed: What|Removed |Added Blocks||1837988 (CVE-2020-10878) Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1837988 [Bug 1837988] CVE-2020-10878 perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1837988] CVE-2020-10878 perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS
https://bugzilla.redhat.com/show_bug.cgi?id=1837988 --- Comment #16 from msidd...@redhat.com --- Created perl tracking bugs for this issue: Affects: fedora-all [bug 1844663] -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1837988] CVE-2020-10878 perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS
https://bugzilla.redhat.com/show_bug.cgi?id=1837988 msidd...@redhat.com changed: What|Removed |Added Group|security, qe_staff | CC||caillon+fedoraproject@gmail ||.com, iarn...@gmail.com, ||ka...@ucw.cz, ||mmasl...@redhat.com, ||perl-devel@lists.fedoraproj ||ect.org, ||perl-maint-l...@redhat.com, ||psab...@redhat.com, ||rhug...@redhat.com, ||sandm...@redhat.com, ||spo...@gmail.com Deadline|2020-06-01 | Summary|EMBARGOED CVE-2020-10878|CVE-2020-10878 perl: |perl: corruption of |corruption of intermediate |intermediate language state |language state of compiled |of compiled regular |regular expression due to |expression due to integer |integer overflow leads to |overflow leads to DoS |DoS --- Comment #15 from msidd...@redhat.com --- References: https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3 -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1844663] CVE-2020-10878 perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1844663 --- Comment #1 from msidd...@redhat.com --- Use the following template to for the 'fedpkg update' request to submit an update for this issue as it contains the top-level parent bug(s) as well as this tracking bug. This will ensure that all associated bugs get updated when new packages are pushed to stable. = # bugfix, security, enhancement, newpackage (required) type=security # low, medium, high, urgent (required) severity=medium # testing, stable request=testing # Bug numbers: 1234,9876 bugs=1837988,1844663 # Description of your update notes=Security fix for [PUT CVEs HERE] # Enable request automation based on the stable/unstable karma thresholds autokarma=True stable_karma=3 unstable_karma=-3 # Automatically close bugs when this marked as stable close_bugs=True # Suggest that users restart after update suggest_reboot=False == Additionally, you may opt to use the bodhi web interface to submit updates: https://bodhi.fedoraproject.org/updates/new -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1844662] CVE-2020-10543 perl: heap-based buffer overflow in regular expression compiler leads to DoS [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1844662 msidd...@redhat.com changed: What|Removed |Added Blocks||1837975 (CVE-2020-10543) Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1837975 [Bug 1837975] CVE-2020-10543 perl: heap-based buffer overflow in regular expression compiler leads to DoS -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1837975] CVE-2020-10543 perl: heap-based buffer overflow in regular expression compiler leads to DoS
https://bugzilla.redhat.com/show_bug.cgi?id=1837975 msidd...@redhat.com changed: What|Removed |Added Depends On||1844662 Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1844662 [Bug 1844662] CVE-2020-10543 perl: heap-based buffer overflow in regular expression compiler leads to DoS [fedora-all] -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1837975] CVE-2020-10543 perl: heap-based buffer overflow in regular expression compiler leads to DoS
https://bugzilla.redhat.com/show_bug.cgi?id=1837975 --- Comment #14 from msidd...@redhat.com --- Created perl tracking bugs for this issue: Affects: fedora-all [bug 1844662] -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1844662] New: CVE-2020-10543 perl: heap-based buffer overflow in regular expression compiler leads to DoS [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1844662 Bug ID: 1844662 Summary: CVE-2020-10543 perl: heap-based buffer overflow in regular expression compiler leads to DoS [fedora-all] Product: Fedora Version: 32 Status: NEW Component: perl Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: jples...@redhat.com Reporter: msidd...@redhat.com QA Contact: extras...@fedoraproject.org CC: caillon+fedoraproj...@gmail.com, iarn...@gmail.com, jples...@redhat.com, ka...@ucw.cz, mmasl...@redhat.com, perl-devel@lists.fedoraproject.org, ppi...@redhat.com, psab...@redhat.com, rhug...@redhat.com, sandm...@redhat.com, spo...@gmail.com Target Milestone: --- Classification: Fedora This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of fedora-all. For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When submitting as an update, use the fedpkg template provided in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs. Please also mention the CVE IDs being fixed in the RPM changelog and the fedpkg commit message. NOTE: this issue affects multiple supported versions of Fedora. While only one tracking bug has been filed, please correct all affected versions at the same time. If you need to fix the versions independent of each other, you may clone this bug as appropriate. -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1844662] CVE-2020-10543 perl: heap-based buffer overflow in regular expression compiler leads to DoS [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1844662 --- Comment #1 from msidd...@redhat.com --- Use the following template to for the 'fedpkg update' request to submit an update for this issue as it contains the top-level parent bug(s) as well as this tracking bug. This will ensure that all associated bugs get updated when new packages are pushed to stable. = # bugfix, security, enhancement, newpackage (required) type=security # low, medium, high, urgent (required) severity=medium # testing, stable request=testing # Bug numbers: 1234,9876 bugs=1837975,1844662 # Description of your update notes=Security fix for [PUT CVEs HERE] # Enable request automation based on the stable/unstable karma thresholds autokarma=True stable_karma=3 unstable_karma=-3 # Automatically close bugs when this marked as stable close_bugs=True # Suggest that users restart after update suggest_reboot=False == Additionally, you may opt to use the bodhi web interface to submit updates: https://bodhi.fedoraproject.org/updates/new -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1837975] CVE-2020-10543 perl: heap-based buffer overflow in regular expression compiler leads to DoS
https://bugzilla.redhat.com/show_bug.cgi?id=1837975 msidd...@redhat.com changed: What|Removed |Added Group|security, qe_staff | CC||caillon+fedoraproject@gmail ||.com, iarn...@gmail.com, ||ka...@ucw.cz, ||mmasl...@redhat.com, ||perl-devel@lists.fedoraproj ||ect.org, ||perl-maint-l...@redhat.com, ||psab...@redhat.com, ||rhug...@redhat.com, ||sandm...@redhat.com, ||spo...@gmail.com Deadline|2020-06-01 | Summary|EMBARGOED CVE-2020-10543|CVE-2020-10543 perl: |perl: heap-based buffer |heap-based buffer overflow |overflow in regular |in regular expression |expression compiler leads |compiler leads to DoS |to DoS | -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1844622] New: perl-DBD-Pg-3.12.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1844622 Bug ID: 1844622 Summary: perl-DBD-Pg-3.12.3 is available Product: Fedora Version: rawhide Status: NEW Component: perl-DBD-Pg Keywords: FutureFeature, Triaged Assignee: jples...@redhat.com Reporter: upstream-release-monitor...@fedoraproject.org QA Contact: extras...@fedoraproject.org CC: caillon+fedoraproj...@gmail.com, dev...@gunduz.org, john.j5l...@gmail.com, jples...@redhat.com, ka...@ucw.cz, perl-devel@lists.fedoraproject.org, prais...@redhat.com, rhug...@redhat.com, rstr...@redhat.com, sandm...@redhat.com Target Milestone: --- Classification: Fedora Latest upstream release: 3.12.3 Current version/release in rawhide: 3.12.2-1.fc33 URL: http://search.cpan.org/dist/DBD-Pg/ Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from anitya: https://release-monitoring.org/project/2809/ -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1844363] perl-Test-TrailingSpace-0.0500 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1844363 Paul Howarth changed: What|Removed |Added Status|NEW |CLOSED Fixed In Version||perl-Test-TrailingSpace-0.0 ||500-1.fc33 Resolution|--- |RAWHIDE Doc Type|--- |If docs needed, set a value Last Closed||2020-06-05 18:23:54 --- Comment #2 from Paul Howarth --- Build done: https://koji.fedoraproject.org/koji/taskinfo?taskID=45461116 -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1832735] perl-Test2-Plugin-SpecDeclare-0.000003-11.fc33 FTBFS: Looks like your test exited with 255 after test #4.
https://bugzilla.redhat.com/show_bug.cgi?id=1832735 Petr Pisar changed: What|Removed |Added Status|NEW |CLOSED Resolution|--- |WONTFIX Last Closed||2020-06-05 13:12:16 --- Comment #1 from Petr Pisar --- This package is incompatible with Devel::Declare ≥ 0.006022 and upstream has no intention to fix it. This package was removed from Fedora 33. -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1835353] rubygem-mail: Out of memory issue through nested MIME parts
https://bugzilla.redhat.com/show_bug.cgi?id=1835353 --- Comment #6 from Yadnyawalk Tale --- Acknowledged. Understood. Thanks. -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1844363] perl-Test-TrailingSpace-0.0500 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1844363 --- Comment #1 from Upstream Release Monitoring --- An HTTP error occurred downloading the package's new Source URLs: Getting https://cpan.metacpan.org/modules/by-module/Test/Test-TrailingSpace-0.0500.tar.gz to ./Test-TrailingSpace-0.0500.tar.gz -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1844363] New: perl-Test-TrailingSpace-0.0500 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1844363 Bug ID: 1844363 Summary: perl-Test-TrailingSpace-0.0500 is available Product: Fedora Version: rawhide Status: NEW Component: perl-Test-TrailingSpace Keywords: FutureFeature, Triaged Assignee: p...@city-fan.org Reporter: upstream-release-monitor...@fedoraproject.org QA Contact: extras...@fedoraproject.org CC: i...@cicku.me, p...@city-fan.org, perl-devel@lists.fedoraproject.org Target Milestone: --- Classification: Fedora Latest upstream release: 0.0500 Current version/release in rawhide: 0.0400-1.fc33 URL: http://search.cpan.org/dist/Test-TrailingSpace/ Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from anitya: https://release-monitoring.org/project/3420/ -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1843862] perl-Email-Stuffer-0.017-7.fc33 FTBFS: t/basic.t: Failed test 'Email contains attachment content-Type'
https://bugzilla.redhat.com/show_bug.cgi?id=1843862 --- Comment #3 from Fedora Update System --- FEDORA-2020-876cc5556b has been submitted as an update to Fedora 31. https://bodhi.fedoraproject.org/updates/FEDORA-2020-876cc5556b -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1843862] perl-Email-Stuffer-0.017-7.fc33 FTBFS: t/basic.t: Failed test 'Email contains attachment content-Type'
https://bugzilla.redhat.com/show_bug.cgi?id=1843862 --- Comment #2 from Fedora Update System --- FEDORA-2020-6b3f655fb9 has been submitted as an update to Fedora 32. https://bodhi.fedoraproject.org/updates/FEDORA-2020-6b3f655fb9 -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1835353] rubygem-mail: Out of memory issue through nested MIME parts
https://bugzilla.redhat.com/show_bug.cgi?id=1835353 Paul Howarth changed: What|Removed |Added Flags|needinfo?(p...@city-fan.org | |) | --- Comment #5 from Paul Howarth --- @Yadnyawalk, I've no idea about ruby-mail I'm afraid; my interest in this was regarding the perl modules, which I co-maintain. -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1843862] perl-Email-Stuffer-0.017-7.fc33 FTBFS: t/basic.t: Failed test 'Email contains attachment content-Type'
https://bugzilla.redhat.com/show_bug.cgi?id=1843862 Petr Pisar changed: What|Removed |Added Status|ASSIGNED|MODIFIED Version|rawhide |31 Fixed In Version||perl-Email-Stuffer-0.017-8. ||fc33 --- Comment #1 from Petr Pisar --- perl-Email-MIME-1.949 was pushed into all Fedoras and EPEL ≥ 8. -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1843866] perl-Mango-1.30-7.fc33 FTBFS: t/bson.t: Failed test 'successful roundtrip'
https://bugzilla.redhat.com/show_bug.cgi?id=1843866 Petr Pisar changed: What|Removed |Added Status|NEW |CLOSED Fixed In Version||perl-Mango-1.30-8.fc33 Resolution|--- |RAWHIDE Last Closed||2020-06-05 07:53:50 -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1843862] perl-Email-Stuffer-0.017-7.fc33 FTBFS: t/basic.t: Failed test 'Email contains attachment content-Type'
https://bugzilla.redhat.com/show_bug.cgi?id=1843862 Petr Pisar changed: What|Removed |Added Status|NEW |ASSIGNED Assignee|jples...@redhat.com |ppi...@redhat.com -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1840560] perl-Prima-1.59 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1840560 Petr Pisar changed: What|Removed |Added Status|ASSIGNED|CLOSED Fixed In Version||perl-Prima-1.59-1.fc33 Resolution|--- |RAWHIDE Last Closed||2020-06-05 07:36:15 --- Comment #1 from Petr Pisar --- Incompatible changes, new text rendering, removes a support for non-Unicode fonts in PostScript. Suitable for Rawhide only. -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1840560] perl-Prima-1.59 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1840560 Petr Pisar changed: What|Removed |Added Status|NEW |ASSIGNED CC|ppi...@redhat.com | Doc Type|--- |If docs needed, set a value -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1844008] perl-Devel-PatchPerl-2.00 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1844008 --- Comment #1 from Fedora Update System --- FEDORA-2020-1d68327140 has been submitted as an update to Fedora 32. https://bodhi.fedoraproject.org/updates/FEDORA-2020-1d68327140 -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1844121] perl-HTTP-Daemon-6.12 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1844121 Petr Pisar changed: What|Removed |Added Status|ASSIGNED|CLOSED Fixed In Version||perl-HTTP-Daemon-6.12-1.fc3 ||3 Resolution|--- |RAWHIDE Last Closed||2020-06-05 06:07:37 --- Comment #1 from Petr Pisar --- A bug-fix release suitable for Fedora ≥ 33. -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1844008] perl-Devel-PatchPerl-2.00 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1844008 Jitka Plesnikova changed: What|Removed |Added Status|NEW |MODIFIED Fixed In Version||perl-Devel-PatchPerl-2.00-1 ||.fc33 Doc Type|--- |If docs needed, set a value -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org