Bug 984040
Summary: | openjpa: CVE-2013-1768 openjpa: Remote arbitrary code execution by creating a serialized object and leveraging improperly secured server programs [fedora-all] | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Jan Lieskovsky <jlieskov> |
Component: | openjpa | Assignee: | gil cattaneo <puntogil> |
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 19 | CC: | java-sig-commits, puntogil |
Target Milestone: | --- | Keywords: | Security, SecurityTracking |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | component:openjpa | ||
Fixed In Version: | openjpa-2.2.0-3.fc18 | Doc Type: | Release Note |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2013-07-22 00:26:01 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 984034 |
Description
Jan Lieskovsky
2013-07-12 15:24:05 UTC
Please use the following update submission link to create the Bodhi request for this issue as it contains the top-level parent bug(s) as well as this tracking bug. This will ensure that all associated bugs get updated when new packages are pushed to stable. Please also ensure that the "Close bugs when update is stable" option remains checked. Bodhi update submission link: https://admin.fedoraproject.org/updates/new/?type_=security&bugs=984034,984040 openjpa-2.2.1-5.fc19 has been submitted as an update for Fedora 19. https://admin.fedoraproject.org/updates/openjpa-2.2.1-5.fc19 openjpa-2.2.0-3.fc17 has been submitted as an update for Fedora 17. https://admin.fedoraproject.org/updates/openjpa-2.2.0-3.fc17 openjpa-2.2.0-3.fc18 has been submitted as an update for Fedora 18. https://admin.fedoraproject.org/updates/openjpa-2.2.0-3.fc18 (In reply to Jan Lieskovsky from comment #1) > Please use the following update submission link to create the Bodhi > request for this issue as it contains the top-level parent bug(s) as well > as this tracking bug. This will ensure that all associated bugs get > updated when new packages are pushed to stable. > > Please also ensure that the "Close bugs when update is stable" option > remains checked. > > Bodhi update submission link: > https://admin.fedoraproject.org/updates/new/?type_=security&bugs=984034, > 984040 hi sorry i can't use the proposed link bodhi return to me the following error can't merge fc19 with fc1X build (synthesized) regards openjpa-2.2.1-6.fc19 has been submitted as an update for Fedora 19. https://admin.fedoraproject.org/updates/openjpa-2.2.1-6.fc19 Package openjpa-2.2.1-6.fc19: * should fix your issue, * was pushed to the Fedora 19 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing openjpa-2.2.1-6.fc19' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2013-12948/openjpa-2.2.1-6.fc19 then log in and leave karma (feedback). openjpa-2.2.0-3.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report. openjpa-2.2.1-6.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report. openjpa-2.2.0-3.fc18 has been pushed to the Fedora 18 stable repository. If problems still persist, please make note of it in this bug report. |