{"update": {"autokarma": false, "autotime": false, "stable_karma": 3, "stable_days": 14, "unstable_karma": -3, "require_bugs": true, "require_testcases": false, "display_name": "", "notes": "Update to 1.5.17 fixing several CVEs (see bugs), rebuilt depending packages libASL and openmeeg (soversion bump)\n", "type": "security", "status": "stable", "request": null, "severity": "low", "suggest": "unspecified", "locked": false, "pushed": true, "critpath": false, "critpath_groups": null, "close_bugs": true, "date_submitted": "2020-07-17 19:03:03", "date_modified": "2020-07-20 10:53:15", "date_approved": null, "date_testing": "2020-07-21 00:42:00", "date_stable": "2020-08-11 00:29:02", "alias": "FEDORA-EPEL-2020-2c80eb66b5", "test_gating_status": "ignored", "from_tag": null, "date_pushed": "2020-08-11 00:29:02", "meets_testing_requirements": true, "url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-2c80eb66b5", "title": "libASL-0.1.7-6.el7 matio-1.5.17-3.el7 openmeeg-2.4-0.4.rc4.el7", "version_hash": "fce64992b0a405e527718122ff377336e232620d", "release": {"name": "EPEL-7", "long_name": "Fedora EPEL 7", "version": "7", "id_prefix": "FEDORA-EPEL", "branch": "epel7", "dist_tag": "epel7", "stable_tag": "epel7", "testing_tag": "epel7-testing", "candidate_tag": "epel7-testing-candidate", "pending_signing_tag": "epel7-signing-pending", "pending_testing_tag": "epel7-testing-pending", "pending_stable_tag": "epel7-pending", "override_tag": "epel7-override", "mail_template": "fedora_epel_legacy_errata_template", "state": "archived", "composed_by_bodhi": true, "create_automatic_updates": false, "package_manager": "unspecified", "testing_repository": null, "released_on": null, "eol": null, "critpath_mandatory_days_in_testing": 14, "mandatory_days_in_testing": 7, "critpath_min_karma": 2, "min_karma": 1, "setting_status": null}, "user": {"name": "lupinix", "email": "lupinix.fedora@gmail.com", "id": 763, "avatar": "https://seccdn.libravatar.org/avatar/cc585f3cc94963db2fbb249c2b874edfa90d3236a6a00015ef926ae0e6867e2b?s=24&d=retro", "openid": "lupinix.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "python-sig"}, {"name": "kde-sig"}, {"name": "astro-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "gitspin-kickstarts"}, {"name": "scitech"}, {"name": "python-packagers-sig"}]}, "comments": [{"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for testing by lupinix. ", "timestamp": "2020-07-17 19:03:03", "update_id": 219943, "user_id": 91, "id": 1461526, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'ignored'.", "timestamp": "2020-07-17 19:03:04", "update_id": 219943, "user_id": 91, "id": 1461527, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'waiting'.", "timestamp": "2020-07-17 19:03:04", "update_id": 219943, "user_id": 91, "id": 1461528, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'ignored'.", "timestamp": "2020-07-17 19:42:35", "update_id": 219943, "user_id": 91, "id": 1461550, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to testing.", "timestamp": "2020-07-18 00:23:45", "update_id": 219943, "user_id": 91, "id": 1461826, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": -1, "karma_critpath": 0, "text": "This update includes .so version bump. So all packages using libmatio must be updated at the same time.\n\npackage: libASL-0.1.7-5.el7.x86_64\n\nunresolved deps: \n\n     libmatio.so.2()(64bit)\n\npackage: openmeeg-2.4-0.3.rc4.el7.x86_64\n\nunresolved deps: \n\n     libmatio.so.2()(64bit)\n", "timestamp": "2020-07-20 09:44:59", "update_id": 219943, "user_id": 4048, "id": 1463164, "bug_feedback": [{"karma": 0, "comment_id": 1463164, "bug_id": 1683942, "bug": {"bug_id": 1683942, "title": "CVE-2019-9033 matio: stack-based buffer over-read in function ReadNextCell() in mat5.c [epel-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 1463164, "bug_id": 1683947, "bug": {"bug_id": 1683947, "title": "CVE-2019-9034 matio: stack-based buffer over-read for a memcpy in function ReadNextCell() in mat5.c [epel-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 1463164, "bug_id": 1683986, "bug": {"bug_id": 1683986, "title": "CVE-2019-9035 matio: stack-based buffer over-read in function ReadNextStructField() in mat5.c [epel-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 1463164, "bug_id": 1683990, "bug": {"bug_id": 1683990, "title": "CVE-2019-9036 matio: heap-based buffer overflow in function ReadNextFunctionHandle() in mat5.c [epel-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 1463164, "bug_id": 1683993, "bug": {"bug_id": 1683993, "title": "CVE-2019-9037 matio: buffer over-read in function Mat_VarPrint() in mat.c [epel-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 1463164, "bug_id": 1684002, "bug": {"bug_id": 1684002, "title": "CVE-2019-9038 matio: out-of-bounds read with SEGV in function ReadNextCell() in mat5.c [epel-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 1463164, "bug_id": 1684009, "bug": {"bug_id": 1684009, "title": "CVE-2019-9026 matio: heap-based buffer overflow in function InflateVarName() in inflate.c [epel-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 1463164, "bug_id": 1684014, "bug": {"bug_id": 1684014, "title": "matio: CVE-2019-02-9027 matio: heap-based buffer overflow in function ReadNextCell() in mat5.c [epel-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 1463164, "bug_id": 1684017, "bug": {"bug_id": 1684017, "title": "CVE-2019-9028 matio: stack-based buffer over-read in the function InflateDimensions() in inflate.c [epel-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 1463164, "bug_id": 1684020, "bug": {"bug_id": 1684020, "title": "CVE-2019-9029 matio: out-of-bounds read with SEGV in function Mat_VarReadNextInfo5() in mat5.c [epel-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 1463164, "bug_id": 1684025, "bug": {"bug_id": 1684025, "title": "CVE-2019-9030 matio: stack-based buffer over-read in Mat_VarReadNextInfo5() in mat5.c [epel-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 1463164, "bug_id": 1684041, "bug": {"bug_id": 1684041, "title": "CVE-2019-9032 matio: out-of-bounds write in function Mat_VarFree() in mat.c resulting in SEGV [epel-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 1463164, "bug_id": 1685379, "bug": {"bug_id": 1685379, "title": "CVE-2019-9031 matio: null pointer dereference in function Mat_VarFree() in mat.c [epel-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 1463164, "bug_id": 1728478, "bug": {"bug_id": 1728478, "title": "CVE-2019-13107 matio: multiple interger overflow in mat.c, mat4.c, mat5.c, mat73.c and matvar_struct.c [epel-all]", "security": true, "parent": false}}], "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}, {"karma": 0, "karma_critpath": 0, "text": "Bodhi is disabling automatic push to stable due to negative karma. The maintainer may push manually if they determine that the issue is not severe.", "timestamp": "2020-07-20 09:44:59", "update_id": 219943, "user_id": 91, "id": 1463165, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "Thanks for the hint! I did not expect that for a minor version bump 1.5.x \u2192 1.5.y \u2026 Unpushing the update for now", "timestamp": "2020-07-20 10:21:51", "update_id": 219943, "user_id": 763, "id": 1463178, "bug_feedback": [{"karma": 0, "comment_id": 1463178, "bug_id": 1683942, "bug": {"bug_id": 1683942, "title": "CVE-2019-9033 matio: stack-based buffer over-read in function ReadNextCell() in mat5.c [epel-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 1463178, "bug_id": 1683947, "bug": {"bug_id": 1683947, "title": "CVE-2019-9034 matio: stack-based buffer over-read for a memcpy in function ReadNextCell() in mat5.c [epel-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 1463178, "bug_id": 1683986, "bug": {"bug_id": 1683986, "title": "CVE-2019-9035 matio: stack-based buffer over-read in function ReadNextStructField() in mat5.c [epel-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 1463178, "bug_id": 1683990, "bug": {"bug_id": 1683990, "title": "CVE-2019-9036 matio: heap-based buffer overflow in function ReadNextFunctionHandle() in mat5.c [epel-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 1463178, "bug_id": 1683993, "bug": {"bug_id": 1683993, "title": "CVE-2019-9037 matio: buffer over-read in function Mat_VarPrint() in mat.c [epel-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 1463178, "bug_id": 1684002, "bug": {"bug_id": 1684002, "title": "CVE-2019-9038 matio: out-of-bounds read with SEGV in function ReadNextCell() in mat5.c [epel-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 1463178, "bug_id": 1684009, "bug": {"bug_id": 1684009, "title": "CVE-2019-9026 matio: heap-based buffer overflow in function InflateVarName() in inflate.c [epel-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 1463178, "bug_id": 1684014, "bug": {"bug_id": 1684014, "title": "matio: CVE-2019-02-9027 matio: heap-based buffer overflow in function ReadNextCell() in mat5.c [epel-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 1463178, "bug_id": 1684017, "bug": {"bug_id": 1684017, "title": "CVE-2019-9028 matio: stack-based buffer over-read in the function InflateDimensions() in inflate.c [epel-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 1463178, "bug_id": 1684020, "bug": {"bug_id": 1684020, "title": "CVE-2019-9029 matio: out-of-bounds read with SEGV in function Mat_VarReadNextInfo5() in mat5.c [epel-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 1463178, "bug_id": 1684025, "bug": {"bug_id": 1684025, "title": "CVE-2019-9030 matio: stack-based buffer over-read in Mat_VarReadNextInfo5() in mat5.c [epel-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 1463178, "bug_id": 1684041, "bug": {"bug_id": 1684041, "title": "CVE-2019-9032 matio: out-of-bounds write in function Mat_VarFree() in mat.c resulting in SEGV [epel-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 1463178, "bug_id": 1685379, "bug": {"bug_id": 1685379, "title": "CVE-2019-9031 matio: null pointer dereference in function Mat_VarFree() in mat.c [epel-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 1463178, "bug_id": 1728478, "bug": {"bug_id": 1728478, "title": "CVE-2019-13107 matio: multiple interger overflow in mat.c, mat4.c, mat5.c, mat73.c and matvar_struct.c [epel-all]", "security": true, "parent": false}}], "testcase_feedback": [], "user": {"name": "lupinix", "email": "lupinix.fedora@gmail.com", "id": 763, "avatar": "https://seccdn.libravatar.org/avatar/cc585f3cc94963db2fbb249c2b874edfa90d3236a6a00015ef926ae0e6867e2b?s=24&d=retro", "openid": "lupinix.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "python-sig"}, {"name": "kde-sig"}, {"name": "astro-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "gitspin-kickstarts"}, {"name": "scitech"}, {"name": "python-packagers-sig"}]}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been unpushed.", "timestamp": "2020-07-20 10:21:59", "update_id": 219943, "user_id": 763, "id": 1463179, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "lupinix", "email": "lupinix.fedora@gmail.com", "id": 763, "avatar": "https://seccdn.libravatar.org/avatar/cc585f3cc94963db2fbb249c2b874edfa90d3236a6a00015ef926ae0e6867e2b?s=24&d=retro", "openid": "lupinix.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "python-sig"}, {"name": "kde-sig"}, {"name": "astro-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "gitspin-kickstarts"}, {"name": "scitech"}, {"name": "python-packagers-sig"}]}}, {"karma": 0, "karma_critpath": 0, "text": "lupinix edited this update.\n\nNew build(s):\n\n- openmeeg-2.4-0.4.rc4.el7\n- libASL-0.1.7-6.el7\n\nKarma has been reset.", "timestamp": "2020-07-20 10:53:14", "update_id": 219943, "user_id": 91, "id": 1463217, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for testing by lupinix. ", "timestamp": "2020-07-20 10:53:14", "update_id": 219943, "user_id": 91, "id": 1463218, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to testing.", "timestamp": "2020-07-21 00:42:40", "update_id": 219943, "user_id": 91, "id": 1464300, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update can be pushed to stable now if the maintainer wishes", "timestamp": "2020-08-04 00:42:12", "update_id": 219943, "user_id": 91, "id": 1533414, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for stable by lupinix. ", "timestamp": "2020-08-10 12:55:24", "update_id": 219943, "user_id": 91, "id": 1561149, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to stable.", "timestamp": "2020-08-11 00:29:53", "update_id": 219943, "user_id": 91, "id": 1562309, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}], "builds": [{"nvr": "libASL-0.1.7-6.el7", "signed": true, "release_id": 8, "type": "rpm", "epoch": 0}, {"nvr": "matio-1.5.17-3.el7", "signed": true, "release_id": 8, "type": "rpm", "epoch": 0}, {"nvr": "openmeeg-2.4-0.4.rc4.el7", "signed": true, "release_id": 8, "type": "rpm", "epoch": 0}], "bugs": [{"bug_id": 1683942, "title": "CVE-2019-9033 matio: stack-based buffer over-read in function ReadNextCell() in mat5.c [epel-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 1463164, "bug_id": 1683942, "comment": {"karma": -1, "karma_critpath": 0, "text": "This update includes .so version bump. So all packages using libmatio must be updated at the same time.\n\npackage: libASL-0.1.7-5.el7.x86_64\n\nunresolved deps: \n\n     libmatio.so.2()(64bit)\n\npackage: openmeeg-2.4-0.3.rc4.el7.x86_64\n\nunresolved deps: \n\n     libmatio.so.2()(64bit)\n", "timestamp": "2020-07-20 09:44:59", "update_id": 219943, "user_id": 4048, "id": 1463164, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 1463178, "bug_id": 1683942, "comment": {"karma": 0, "karma_critpath": 0, "text": "Thanks for the hint! I did not expect that for a minor version bump 1.5.x \u2192 1.5.y \u2026 Unpushing the update for now", "timestamp": "2020-07-20 10:21:51", "update_id": 219943, "user_id": 763, "id": 1463178, "testcase_feedback": [], "user": {"name": "lupinix", "email": "lupinix.fedora@gmail.com", "id": 763, "avatar": "https://seccdn.libravatar.org/avatar/cc585f3cc94963db2fbb249c2b874edfa90d3236a6a00015ef926ae0e6867e2b?s=24&d=retro", "openid": "lupinix.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "python-sig"}, {"name": "kde-sig"}, {"name": "astro-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "gitspin-kickstarts"}, {"name": "scitech"}, {"name": "python-packagers-sig"}]}}}]}, {"bug_id": 1683947, "title": "CVE-2019-9034 matio: stack-based buffer over-read for a memcpy in function ReadNextCell() in mat5.c [epel-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 1463164, "bug_id": 1683947, "comment": {"karma": -1, "karma_critpath": 0, "text": "This update includes .so version bump. So all packages using libmatio must be updated at the same time.\n\npackage: libASL-0.1.7-5.el7.x86_64\n\nunresolved deps: \n\n     libmatio.so.2()(64bit)\n\npackage: openmeeg-2.4-0.3.rc4.el7.x86_64\n\nunresolved deps: \n\n     libmatio.so.2()(64bit)\n", "timestamp": "2020-07-20 09:44:59", "update_id": 219943, "user_id": 4048, "id": 1463164, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 1463178, "bug_id": 1683947, "comment": {"karma": 0, "karma_critpath": 0, "text": "Thanks for the hint! I did not expect that for a minor version bump 1.5.x \u2192 1.5.y \u2026 Unpushing the update for now", "timestamp": "2020-07-20 10:21:51", "update_id": 219943, "user_id": 763, "id": 1463178, "testcase_feedback": [], "user": {"name": "lupinix", "email": "lupinix.fedora@gmail.com", "id": 763, "avatar": "https://seccdn.libravatar.org/avatar/cc585f3cc94963db2fbb249c2b874edfa90d3236a6a00015ef926ae0e6867e2b?s=24&d=retro", "openid": "lupinix.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "python-sig"}, {"name": "kde-sig"}, {"name": "astro-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "gitspin-kickstarts"}, {"name": "scitech"}, {"name": "python-packagers-sig"}]}}}]}, {"bug_id": 1683986, "title": "CVE-2019-9035 matio: stack-based buffer over-read in function ReadNextStructField() in mat5.c [epel-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 1463164, "bug_id": 1683986, "comment": {"karma": -1, "karma_critpath": 0, "text": "This update includes .so version bump. So all packages using libmatio must be updated at the same time.\n\npackage: libASL-0.1.7-5.el7.x86_64\n\nunresolved deps: \n\n     libmatio.so.2()(64bit)\n\npackage: openmeeg-2.4-0.3.rc4.el7.x86_64\n\nunresolved deps: \n\n     libmatio.so.2()(64bit)\n", "timestamp": "2020-07-20 09:44:59", "update_id": 219943, "user_id": 4048, "id": 1463164, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 1463178, "bug_id": 1683986, "comment": {"karma": 0, "karma_critpath": 0, "text": "Thanks for the hint! I did not expect that for a minor version bump 1.5.x \u2192 1.5.y \u2026 Unpushing the update for now", "timestamp": "2020-07-20 10:21:51", "update_id": 219943, "user_id": 763, "id": 1463178, "testcase_feedback": [], "user": {"name": "lupinix", "email": "lupinix.fedora@gmail.com", "id": 763, "avatar": "https://seccdn.libravatar.org/avatar/cc585f3cc94963db2fbb249c2b874edfa90d3236a6a00015ef926ae0e6867e2b?s=24&d=retro", "openid": "lupinix.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "python-sig"}, {"name": "kde-sig"}, {"name": "astro-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "gitspin-kickstarts"}, {"name": "scitech"}, {"name": "python-packagers-sig"}]}}}]}, {"bug_id": 1683990, "title": "CVE-2019-9036 matio: heap-based buffer overflow in function ReadNextFunctionHandle() in mat5.c [epel-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 1463164, "bug_id": 1683990, "comment": {"karma": -1, "karma_critpath": 0, "text": "This update includes .so version bump. So all packages using libmatio must be updated at the same time.\n\npackage: libASL-0.1.7-5.el7.x86_64\n\nunresolved deps: \n\n     libmatio.so.2()(64bit)\n\npackage: openmeeg-2.4-0.3.rc4.el7.x86_64\n\nunresolved deps: \n\n     libmatio.so.2()(64bit)\n", "timestamp": "2020-07-20 09:44:59", "update_id": 219943, "user_id": 4048, "id": 1463164, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 1463178, "bug_id": 1683990, "comment": {"karma": 0, "karma_critpath": 0, "text": "Thanks for the hint! I did not expect that for a minor version bump 1.5.x \u2192 1.5.y \u2026 Unpushing the update for now", "timestamp": "2020-07-20 10:21:51", "update_id": 219943, "user_id": 763, "id": 1463178, "testcase_feedback": [], "user": {"name": "lupinix", "email": "lupinix.fedora@gmail.com", "id": 763, "avatar": "https://seccdn.libravatar.org/avatar/cc585f3cc94963db2fbb249c2b874edfa90d3236a6a00015ef926ae0e6867e2b?s=24&d=retro", "openid": "lupinix.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "python-sig"}, {"name": "kde-sig"}, {"name": "astro-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "gitspin-kickstarts"}, {"name": "scitech"}, {"name": "python-packagers-sig"}]}}}]}, {"bug_id": 1683993, "title": "CVE-2019-9037 matio: buffer over-read in function Mat_VarPrint() in mat.c [epel-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 1463164, "bug_id": 1683993, "comment": {"karma": -1, "karma_critpath": 0, "text": "This update includes .so version bump. So all packages using libmatio must be updated at the same time.\n\npackage: libASL-0.1.7-5.el7.x86_64\n\nunresolved deps: \n\n     libmatio.so.2()(64bit)\n\npackage: openmeeg-2.4-0.3.rc4.el7.x86_64\n\nunresolved deps: \n\n     libmatio.so.2()(64bit)\n", "timestamp": "2020-07-20 09:44:59", "update_id": 219943, "user_id": 4048, "id": 1463164, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 1463178, "bug_id": 1683993, "comment": {"karma": 0, "karma_critpath": 0, "text": "Thanks for the hint! I did not expect that for a minor version bump 1.5.x \u2192 1.5.y \u2026 Unpushing the update for now", "timestamp": "2020-07-20 10:21:51", "update_id": 219943, "user_id": 763, "id": 1463178, "testcase_feedback": [], "user": {"name": "lupinix", "email": "lupinix.fedora@gmail.com", "id": 763, "avatar": "https://seccdn.libravatar.org/avatar/cc585f3cc94963db2fbb249c2b874edfa90d3236a6a00015ef926ae0e6867e2b?s=24&d=retro", "openid": "lupinix.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "python-sig"}, {"name": "kde-sig"}, {"name": "astro-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "gitspin-kickstarts"}, {"name": "scitech"}, {"name": "python-packagers-sig"}]}}}]}, {"bug_id": 1684002, "title": "CVE-2019-9038 matio: out-of-bounds read with SEGV in function ReadNextCell() in mat5.c [epel-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 1463164, "bug_id": 1684002, "comment": {"karma": -1, "karma_critpath": 0, "text": "This update includes .so version bump. So all packages using libmatio must be updated at the same time.\n\npackage: libASL-0.1.7-5.el7.x86_64\n\nunresolved deps: \n\n     libmatio.so.2()(64bit)\n\npackage: openmeeg-2.4-0.3.rc4.el7.x86_64\n\nunresolved deps: \n\n     libmatio.so.2()(64bit)\n", "timestamp": "2020-07-20 09:44:59", "update_id": 219943, "user_id": 4048, "id": 1463164, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 1463178, "bug_id": 1684002, "comment": {"karma": 0, "karma_critpath": 0, "text": "Thanks for the hint! I did not expect that for a minor version bump 1.5.x \u2192 1.5.y \u2026 Unpushing the update for now", "timestamp": "2020-07-20 10:21:51", "update_id": 219943, "user_id": 763, "id": 1463178, "testcase_feedback": [], "user": {"name": "lupinix", "email": "lupinix.fedora@gmail.com", "id": 763, "avatar": "https://seccdn.libravatar.org/avatar/cc585f3cc94963db2fbb249c2b874edfa90d3236a6a00015ef926ae0e6867e2b?s=24&d=retro", "openid": "lupinix.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "python-sig"}, {"name": "kde-sig"}, {"name": "astro-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "gitspin-kickstarts"}, {"name": "scitech"}, {"name": "python-packagers-sig"}]}}}]}, {"bug_id": 1684009, "title": "CVE-2019-9026 matio: heap-based buffer overflow in function InflateVarName() in inflate.c [epel-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 1463164, "bug_id": 1684009, "comment": {"karma": -1, "karma_critpath": 0, "text": "This update includes .so version bump. So all packages using libmatio must be updated at the same time.\n\npackage: libASL-0.1.7-5.el7.x86_64\n\nunresolved deps: \n\n     libmatio.so.2()(64bit)\n\npackage: openmeeg-2.4-0.3.rc4.el7.x86_64\n\nunresolved deps: \n\n     libmatio.so.2()(64bit)\n", "timestamp": "2020-07-20 09:44:59", "update_id": 219943, "user_id": 4048, "id": 1463164, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 1463178, "bug_id": 1684009, "comment": {"karma": 0, "karma_critpath": 0, "text": "Thanks for the hint! I did not expect that for a minor version bump 1.5.x \u2192 1.5.y \u2026 Unpushing the update for now", "timestamp": "2020-07-20 10:21:51", "update_id": 219943, "user_id": 763, "id": 1463178, "testcase_feedback": [], "user": {"name": "lupinix", "email": "lupinix.fedora@gmail.com", "id": 763, "avatar": "https://seccdn.libravatar.org/avatar/cc585f3cc94963db2fbb249c2b874edfa90d3236a6a00015ef926ae0e6867e2b?s=24&d=retro", "openid": "lupinix.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "python-sig"}, {"name": "kde-sig"}, {"name": "astro-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "gitspin-kickstarts"}, {"name": "scitech"}, {"name": "python-packagers-sig"}]}}}]}, {"bug_id": 1684014, "title": "matio: CVE-2019-02-9027 matio: heap-based buffer overflow in function ReadNextCell() in mat5.c [epel-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 1463164, "bug_id": 1684014, "comment": {"karma": -1, "karma_critpath": 0, "text": "This update includes .so version bump. So all packages using libmatio must be updated at the same time.\n\npackage: libASL-0.1.7-5.el7.x86_64\n\nunresolved deps: \n\n     libmatio.so.2()(64bit)\n\npackage: openmeeg-2.4-0.3.rc4.el7.x86_64\n\nunresolved deps: \n\n     libmatio.so.2()(64bit)\n", "timestamp": "2020-07-20 09:44:59", "update_id": 219943, "user_id": 4048, "id": 1463164, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 1463178, "bug_id": 1684014, "comment": {"karma": 0, "karma_critpath": 0, "text": "Thanks for the hint! I did not expect that for a minor version bump 1.5.x \u2192 1.5.y \u2026 Unpushing the update for now", "timestamp": "2020-07-20 10:21:51", "update_id": 219943, "user_id": 763, "id": 1463178, "testcase_feedback": [], "user": {"name": "lupinix", "email": "lupinix.fedora@gmail.com", "id": 763, "avatar": "https://seccdn.libravatar.org/avatar/cc585f3cc94963db2fbb249c2b874edfa90d3236a6a00015ef926ae0e6867e2b?s=24&d=retro", "openid": "lupinix.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "python-sig"}, {"name": "kde-sig"}, {"name": "astro-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "gitspin-kickstarts"}, {"name": "scitech"}, {"name": "python-packagers-sig"}]}}}]}, {"bug_id": 1684017, "title": "CVE-2019-9028 matio: stack-based buffer over-read in the function InflateDimensions() in inflate.c [epel-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 1463164, "bug_id": 1684017, "comment": {"karma": -1, "karma_critpath": 0, "text": "This update includes .so version bump. So all packages using libmatio must be updated at the same time.\n\npackage: libASL-0.1.7-5.el7.x86_64\n\nunresolved deps: \n\n     libmatio.so.2()(64bit)\n\npackage: openmeeg-2.4-0.3.rc4.el7.x86_64\n\nunresolved deps: \n\n     libmatio.so.2()(64bit)\n", "timestamp": "2020-07-20 09:44:59", "update_id": 219943, "user_id": 4048, "id": 1463164, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 1463178, "bug_id": 1684017, "comment": {"karma": 0, "karma_critpath": 0, "text": "Thanks for the hint! I did not expect that for a minor version bump 1.5.x \u2192 1.5.y \u2026 Unpushing the update for now", "timestamp": "2020-07-20 10:21:51", "update_id": 219943, "user_id": 763, "id": 1463178, "testcase_feedback": [], "user": {"name": "lupinix", "email": "lupinix.fedora@gmail.com", "id": 763, "avatar": "https://seccdn.libravatar.org/avatar/cc585f3cc94963db2fbb249c2b874edfa90d3236a6a00015ef926ae0e6867e2b?s=24&d=retro", "openid": "lupinix.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "python-sig"}, {"name": "kde-sig"}, {"name": "astro-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "gitspin-kickstarts"}, {"name": "scitech"}, {"name": "python-packagers-sig"}]}}}]}, {"bug_id": 1684020, "title": "CVE-2019-9029 matio: out-of-bounds read with SEGV in function Mat_VarReadNextInfo5() in mat5.c [epel-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 1463164, "bug_id": 1684020, "comment": {"karma": -1, "karma_critpath": 0, "text": "This update includes .so version bump. So all packages using libmatio must be updated at the same time.\n\npackage: libASL-0.1.7-5.el7.x86_64\n\nunresolved deps: \n\n     libmatio.so.2()(64bit)\n\npackage: openmeeg-2.4-0.3.rc4.el7.x86_64\n\nunresolved deps: \n\n     libmatio.so.2()(64bit)\n", "timestamp": "2020-07-20 09:44:59", "update_id": 219943, "user_id": 4048, "id": 1463164, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 1463178, "bug_id": 1684020, "comment": {"karma": 0, "karma_critpath": 0, "text": "Thanks for the hint! I did not expect that for a minor version bump 1.5.x \u2192 1.5.y \u2026 Unpushing the update for now", "timestamp": "2020-07-20 10:21:51", "update_id": 219943, "user_id": 763, "id": 1463178, "testcase_feedback": [], "user": {"name": "lupinix", "email": "lupinix.fedora@gmail.com", "id": 763, "avatar": "https://seccdn.libravatar.org/avatar/cc585f3cc94963db2fbb249c2b874edfa90d3236a6a00015ef926ae0e6867e2b?s=24&d=retro", "openid": "lupinix.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "python-sig"}, {"name": "kde-sig"}, {"name": "astro-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "gitspin-kickstarts"}, {"name": "scitech"}, {"name": "python-packagers-sig"}]}}}]}, {"bug_id": 1684025, "title": "CVE-2019-9030 matio: stack-based buffer over-read in Mat_VarReadNextInfo5() in mat5.c [epel-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 1463164, "bug_id": 1684025, "comment": {"karma": -1, "karma_critpath": 0, "text": "This update includes .so version bump. So all packages using libmatio must be updated at the same time.\n\npackage: libASL-0.1.7-5.el7.x86_64\n\nunresolved deps: \n\n     libmatio.so.2()(64bit)\n\npackage: openmeeg-2.4-0.3.rc4.el7.x86_64\n\nunresolved deps: \n\n     libmatio.so.2()(64bit)\n", "timestamp": "2020-07-20 09:44:59", "update_id": 219943, "user_id": 4048, "id": 1463164, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 1463178, "bug_id": 1684025, "comment": {"karma": 0, "karma_critpath": 0, "text": "Thanks for the hint! I did not expect that for a minor version bump 1.5.x \u2192 1.5.y \u2026 Unpushing the update for now", "timestamp": "2020-07-20 10:21:51", "update_id": 219943, "user_id": 763, "id": 1463178, "testcase_feedback": [], "user": {"name": "lupinix", "email": "lupinix.fedora@gmail.com", "id": 763, "avatar": "https://seccdn.libravatar.org/avatar/cc585f3cc94963db2fbb249c2b874edfa90d3236a6a00015ef926ae0e6867e2b?s=24&d=retro", "openid": "lupinix.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "python-sig"}, {"name": "kde-sig"}, {"name": "astro-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "gitspin-kickstarts"}, {"name": "scitech"}, {"name": "python-packagers-sig"}]}}}]}, {"bug_id": 1684041, "title": "CVE-2019-9032 matio: out-of-bounds write in function Mat_VarFree() in mat.c resulting in SEGV [epel-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 1463164, "bug_id": 1684041, "comment": {"karma": -1, "karma_critpath": 0, "text": "This update includes .so version bump. So all packages using libmatio must be updated at the same time.\n\npackage: libASL-0.1.7-5.el7.x86_64\n\nunresolved deps: \n\n     libmatio.so.2()(64bit)\n\npackage: openmeeg-2.4-0.3.rc4.el7.x86_64\n\nunresolved deps: \n\n     libmatio.so.2()(64bit)\n", "timestamp": "2020-07-20 09:44:59", "update_id": 219943, "user_id": 4048, "id": 1463164, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 1463178, "bug_id": 1684041, "comment": {"karma": 0, "karma_critpath": 0, "text": "Thanks for the hint! I did not expect that for a minor version bump 1.5.x \u2192 1.5.y \u2026 Unpushing the update for now", "timestamp": "2020-07-20 10:21:51", "update_id": 219943, "user_id": 763, "id": 1463178, "testcase_feedback": [], "user": {"name": "lupinix", "email": "lupinix.fedora@gmail.com", "id": 763, "avatar": "https://seccdn.libravatar.org/avatar/cc585f3cc94963db2fbb249c2b874edfa90d3236a6a00015ef926ae0e6867e2b?s=24&d=retro", "openid": "lupinix.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "python-sig"}, {"name": "kde-sig"}, {"name": "astro-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "gitspin-kickstarts"}, {"name": "scitech"}, {"name": "python-packagers-sig"}]}}}]}, {"bug_id": 1685379, "title": "CVE-2019-9031 matio: null pointer dereference in function Mat_VarFree() in mat.c [epel-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 1463164, "bug_id": 1685379, "comment": {"karma": -1, "karma_critpath": 0, "text": "This update includes .so version bump. So all packages using libmatio must be updated at the same time.\n\npackage: libASL-0.1.7-5.el7.x86_64\n\nunresolved deps: \n\n     libmatio.so.2()(64bit)\n\npackage: openmeeg-2.4-0.3.rc4.el7.x86_64\n\nunresolved deps: \n\n     libmatio.so.2()(64bit)\n", "timestamp": "2020-07-20 09:44:59", "update_id": 219943, "user_id": 4048, "id": 1463164, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 1463178, "bug_id": 1685379, "comment": {"karma": 0, "karma_critpath": 0, "text": "Thanks for the hint! I did not expect that for a minor version bump 1.5.x \u2192 1.5.y \u2026 Unpushing the update for now", "timestamp": "2020-07-20 10:21:51", "update_id": 219943, "user_id": 763, "id": 1463178, "testcase_feedback": [], "user": {"name": "lupinix", "email": "lupinix.fedora@gmail.com", "id": 763, "avatar": "https://seccdn.libravatar.org/avatar/cc585f3cc94963db2fbb249c2b874edfa90d3236a6a00015ef926ae0e6867e2b?s=24&d=retro", "openid": "lupinix.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "python-sig"}, {"name": "kde-sig"}, {"name": "astro-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "gitspin-kickstarts"}, {"name": "scitech"}, {"name": "python-packagers-sig"}]}}}]}, {"bug_id": 1728478, "title": "CVE-2019-13107 matio: multiple interger overflow in mat.c, mat4.c, mat5.c, mat73.c and matvar_struct.c [epel-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 1463164, "bug_id": 1728478, "comment": {"karma": -1, "karma_critpath": 0, "text": "This update includes .so version bump. So all packages using libmatio must be updated at the same time.\n\npackage: libASL-0.1.7-5.el7.x86_64\n\nunresolved deps: \n\n     libmatio.so.2()(64bit)\n\npackage: openmeeg-2.4-0.3.rc4.el7.x86_64\n\nunresolved deps: \n\n     libmatio.so.2()(64bit)\n", "timestamp": "2020-07-20 09:44:59", "update_id": 219943, "user_id": 4048, "id": 1463164, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 1463178, "bug_id": 1728478, "comment": {"karma": 0, "karma_critpath": 0, "text": "Thanks for the hint! I did not expect that for a minor version bump 1.5.x \u2192 1.5.y \u2026 Unpushing the update for now", "timestamp": "2020-07-20 10:21:51", "update_id": 219943, "user_id": 763, "id": 1463178, "testcase_feedback": [], "user": {"name": "lupinix", "email": "lupinix.fedora@gmail.com", "id": 763, "avatar": "https://seccdn.libravatar.org/avatar/cc585f3cc94963db2fbb249c2b874edfa90d3236a6a00015ef926ae0e6867e2b?s=24&d=retro", "openid": "lupinix.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "python-sig"}, {"name": "kde-sig"}, {"name": "astro-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "gitspin-kickstarts"}, {"name": "scitech"}, {"name": "python-packagers-sig"}]}}}]}], "updateid": "FEDORA-EPEL-2020-2c80eb66b5", "karma": 0, "content_type": "rpm", "test_cases": []}, "can_edit": false, "ci_allowed": false}