Bug 20067

Summary: springframework new security issue CVE-2016-9878
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: Nicolas Lécureuil <mageia>
Status: RESOLVED OLD QA Contact: Sec team <security>
Severity: major    
Priority: Normal CC: geiger.david68210
Version: 5   
Target Milestone: ---   
Hardware: All   
OS: Linux   
URL: https://lwn.net/Vulnerabilities/710483/
Whiteboard:
Source RPM: springframework-3.2.15-5.mga6.src.rpm CVE: CVE-2016-9878
Status comment:

Description David Walser 2017-01-03 20:20:11 CET 
Fedora has issued an advisory on January 1:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/LZOCSLRNKPONWYYOQO7A4LWEOQH7B7X3/

The issue is fixed in 3.2.18.

Mageia 5 is also affected.
David Walser 2017-01-03 20:20:30 CET

CC: (none) => geiger.david68210
Whiteboard: (none) => MGA5TOO

David Walser 2017-01-03 20:27:05 CET

URL: (none) => https://lwn.net/Vulnerabilities/710483/

Comment 1 Nicolas Lécureuil 2017-04-28 13:48:59 CEST 
Fixed in cauldron

Version: Cauldron => 5
Whiteboard: MGA5TOO => (none)
CVE: (none) => CVE-2016-9878

Comment 2 David Walser 2017-12-27 04:35:27 CET 
We won't be fixing these kind of packages for Mageia 5.

Status: NEW => RESOLVED
Resolution: (none) => OLD