Bug 1429812

Summary: [CodeChange][RFE] unboundid-ldapsdk-4.0.5 is available
Product: Red Hat Enterprise Virtualization Manager Reporter: Sandro Bonazzola <sbonazzo>
Component: unboundid-ldapsdkAssignee: Sandro Bonazzola <sbonazzo>
Status: CLOSED ERRATA QA Contact: Pavol Brilla <pbrilla>
Severity: medium Docs Contact:
Priority: high    
Version: unspecifiedCC: alonbl, bburmest, extras-qa, lsurette, lsvaty, Rhev-m-bugs, sbonazzo, trichard, upstream-release-monitoring, ykaul, ylavi
Target Milestone: ovirt-4.2.3Keywords: FutureFeature, Rebase, Triaged
Target Release: ---Flags: gklein: testing_plan_complete-
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: unboundid-ldapsdk-4.0.5-1.el7ev Doc Type: Rebase: Bug Fixes and Enhancements
Doc Text:
Version 4.0.5 of the UnboundID LDAP SDK for Java fixes CVE-2018-1000134. See https://nawilson.com/2018/03/19/cve-2018-1000134-and-the-unboundid-ldap-sdk-for-java/ for more information.
 Story Points: ---
Clone Of: 1429722 Environment:
Last Closed: 2018-05-15 17:31:17 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: Integration RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1429722    
Bug Blocks:    

Description Sandro Bonazzola 2017-03-07 07:09:34 UTC 
+++ This bug was initially created as a clone of Bug #1429722 +++

Latest upstream release: 3.2.1
Current version/release in rawhide: 3.2.0-2.fc26
URL: https://www.ldap.com/unboundid-ldap-sdk-for-java

Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy

More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring

Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream.

Based on the information from anitya:  https://release-monitoring.org/project/6199/

--- Additional comment from Upstream Release Monitoring on 2017-03-06 19:13:54 EST ---



--- Additional comment from Upstream Release Monitoring on 2017-03-06 19:16:36 EST ---

hotness's scratch build of unboundid-ldapsdk-3.2.1-1.el7.src.rpm for rawhide completed http://koji.fedoraproject.org/koji/taskinfo?taskID=18235243

--- Additional comment from Upstream Release Monitoring on 2017-03-07 01:48:24 EST ---

sbonazzo's unboundid-ldapsdk-3.2.1-1.fc27 completed http://koji.fedoraproject.org/koji/buildinfo?buildID=865397

--- Additional comment from Fedora Update System on 2017-03-07 02:07:34 EST ---

unboundid-ldapsdk-3.2.1-1.fc25 has been submitted as an update to Fedora 25. https://bodhi.fedoraproject.org/updates/FEDORA-2017-e111731937

--- Additional comment from Fedora Update System on 2017-03-07 02:07:41 EST ---

unboundid-ldapsdk-3.2.1-1.fc26 has been submitted as an update to Fedora 26. https://bodhi.fedoraproject.org/updates/FEDORA-2017-7324baefd0
Comment 4 Sandro Bonazzola 2018-03-28 15:17:02 UTC 
Rebasing on 4.0.5
Comment 10 errata-xmlrpc 2018-05-15 17:31:17 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2018:1464
Comment 11 Franta Kust 2019-05-16 13:07:26 UTC 
BZ<2>Jira Resync