From Fedora Project Wiki
mNo edit summary
mNo edit summary
Line 2: Line 2:
* [[User:Denisarnaud/Tasks/Completed/2019-08-re2]]
* [[User:Denisarnaud/Tasks/Completed/2019-08-re2]]


= ZeroMQ CVE issue =
= 2020-09 - ZeroMQ CVE issue =
* Bugzilla tickets:
* [[User:Denisarnaud/Tasks/Completed/2020-09-zeromq-cve]]
** [https://bugzilla.redhat.com/show_bug.cgi?id=1875223 BZ#1875223 - CVE-2020-15166 zeromq: unauthenticated clients causing denial-of-service (umbrella ticket)]
** [https://bugzilla.redhat.com/show_bug.cgi?id=1876689 BZ#1876689 - CVE-2020-15166 zeromq: unauthenticated clients causing denial-of-service (fedora-all)]
** [https://bugzilla.redhat.com/show_bug.cgi?id=1876690 BZ#1876690 - CVE-2020-15166 zeromq: unauthenticated clients causing denial-of-service (epel-all)]
** [https://bugzilla.redhat.com/show_bug.cgi?id=1876691 BZ#1876691 - CVE-2020-15166 zeromq3: unauthenticated clients causing denial-of-service (epel-all)]
** [https://bugzilla.redhat.com/show_bug.cgi?id=1876738 BZ#1876738 - zeromq-4.3.3 is available] (for all Fedora and EPEL 8)
* [https://github.com/zeromq/libzmq/security/advisories/GHSA-25wp-cf8g-938m Upstream page - Denial-of-Service on CURVE/ZAP-protected servers by unauthenticated clients]
* Upstream fix (for EPEL 7):
** [https://github.com/zeromq/libzmq/pull/3913 problem: zeromq connects peer before handshake is complete (#3913)]
** [https://github.com/zeromq/libzmq/pull/3973 Problem: test_security_zap occasionally segfaults (#3973)]


= CMake change - 2020-08 =
= CMake change - 2020-08 =

Revision as of 12:05, 15 August 2024

2019-08 - Upgrade of re2 on Rawhide

2020-09 - ZeroMQ CVE issue

CMake change - 2020-08

CMake 3.17 on EPEL 8

Changes/Python3.9

Hello,
Please note that this comment was generated automatically. If you feel that this output has mistakes, please contact me via email (ignatenkobrain@fedoraproject.org).
Your package (rmol) Fails To Install in Fedora 33:
can't install python3-rmol:
 - nothing provides libboost_python38.so.1.69.0()(64bit) needed by python3-rmol-1.00.4-2.fc32.x86_64
 
If you don't react accordingly to the policy for FTBFS/FTI bugs (https://docs.fedoraproject.org/en-US/fesco/Fails_to_build_from_source_Fails_to_install/), your package may be orphaned in 8+ weeks.
P.S. The data was generated solely from koji buildroot, so it might be newer than the latest compose or the content on mirrors.
P.P.S. If this bug has been reported in the middle of upgrading multiple dependent packages, please consider using side tags: https://docs.fedoraproject.org/en-US/rawhide-gating/multi-builds/

Changes/F31Boost170

The task has been given up, as neither Jon nor I have bandwidth for it.

May 2020 - Do not link with libpython3.8+

July 2019 - Python 3.8 for Fedora 31

Testing and mass rebuild of packages is happening in COPR. You can follow these instructions to test locally in mock if your package builds with Python 3.8: https://copr.fedorainfracloud.org/coprs/g/python/python3.8/