Advisory: ========== This update from 5.28.2 to 5.28.3 fixes bugs several bugs the RPM package manager. - Update to 5.23.3 (See https://metacpan.org/pod/release/XSAWYERX/perl-5.28.3/pod/perldelta.pod for release notes) - Security release fixes CVE-2020-10543, CVE-2020-10878 and CVE-2020-12723 - Work around a glibc bug in caching LC_MESSAGES (GH#17081) - Fix POSIX:setlocale() documentation - Prevent from an integer overflow in POSIX::SigSet() - Fix thread-safety of IO::Handle (GH#14816) - Close :unix PerlIO layers properly (bug #987118) - Fix counting a recursion limit when matching in a postponed eval (GH#17490) - Fix sorting tied arrays (GH#17496) - Fix a spurious warning about a multidimensional syntax (GH#16535) - Normalize "#!/perl" shebangs in the tests - Fix a warning about an uninitialized value in B::Deparse (GH#17537) - Fix Time-Local tests to pass after year 2019 (CPAN RT#124787) List of generated packages: ============================= perl-5.28.3-2.mga7.i586.rpm perl-base-5.28.3-2.mga7.i586.rpm perl-devel-5.28.3-2.mga7.i586.rpm perl-doc-5.28.3-2.mga7.noarch.rpm perl-debugsource-5.28.3-2.mga7.i586.rpm perl-debuginfo-5.28.3-2.mga7.i586.rpm perl-base-debuginfo-5.28.3-2.mga7.i586.rpm (s/lib64/lib/ + s/x86_64/i586/ for i586) (likewas for armv7 vs aarch64)
Several questions: - Why is the package list just for i586? - Why are they for Perl rather than the SRPM cited 'rpm'? Should the latter be changed to, or have added, 'perl'? - For the Advisory, which SRPM/s is/are the one/s that matter/s? - Whatever the package list really is, are they in updates/testing for QA?
List of generated packages: ============================= perl-5.28.3-2.mga7 perl-base-5.28.3-2.mga7 perl-devel-5.28.3-2.mga7 perl-doc-5.28.3-2.mga7 perl-debugsource-5.28.3-2.mga7 perl-debuginfo-5.28.3-2.mga7 perl-base-debuginfo-5.28.3-2.mga7 from: perl-5.28.3-2.mga7.src.rpm
Lewis, just ignore the arch part. As for the rest, it's because for some reason Thierry keeps making new bugs by cloning old ones instead of just making a fresh new bug.
Component: RPM Packages => SecurityQA Contact: (none) => securityCC: andrewsfarm, fri, herman.viaene, qa-bugs, sysadmin-bugs, tmb, wilcal.int => (none)Source RPM: rpm-4.14.3-1.mga7..src.rpm => perl-5.28.2-2.mga7.src.rpmKeywords: advisory, validated_update => (none)
Depends on: 19710, 26576 => (none)Assignee: bugsquad => qa-bugs
Summary: Update candidate: perl => perl new security issues fixes CVE-2020-10543, CVE-2020-10878 and CVE-2020-12723 (also update to 5.28.3)
Summary: perl new security issues fixes CVE-2020-10543, CVE-2020-10878 and CVE-2020-12723 (also update to 5.28.3) => perl new security issues CVE-2020-10543, CVE-2020-10878 and CVE-2020-12723 (also update to 5.28.3)
Please don't list debug* packages for QA, it just creates confusion.
I though that was needed for the push from core/updates_testing into core/updates
MGA7-64 Plasma on Lenovo B50 No installation issues. Following Len's lead in bug 25980, installed Frozen Bubble using gurmpi (why specifically that?). Played and won one level!!!!!! So OK.
Whiteboard: (none) => MGA7-64-OKCC: (none) => herman.viaene
(In reply to Thierry Vignaud from comment #5) > I though that was needed for the push from core/updates_testing into > core/updates no need because the script that upload uses the src.rpm names. The name of the rpms are needed for QA team to know what to install. But thank you for the update :)
Careful Herman, Frozen Bubble can be addictive... Validating. Advisory in Comment 0.
Keywords: (none) => validated_updateCC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2020-0255.html
Status: NEW => RESOLVEDResolution: (none) => FIXED