Bug 20176

Summary: fedmsg new security issue CVE-2017-1000001
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: Philippe Makowski <makowski.mageia>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal    
Version: Cauldron   
Target Milestone: ---   
Hardware: All   
OS: Linux   
URL: https://lwn.net/Vulnerabilities/712494/
Whiteboard:
Source RPM: fedmsg-0.17.2-1.mga6.src.rpm CVE:
Status comment:

Description David Walser 2017-01-25 01:19:17 CET 
Fedora has issued an advisory today (January 24):
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/BQTD43DKM4POZPUGIIHMGFJGZHCTEI5F/

The issue is fixed in 0.18.2.
David Walser 2017-01-25 23:49:22 CET

URL: (none) => https://lwn.net/Vulnerabilities/712494/

Comment 1 Philippe Makowski 2017-01-26 14:48:30 CET 
freeze push for update to 0.18.2 asked
Comment 2 David Walser 2017-01-27 22:16:50 CET 
Thanks Philippe.  fedmsg-0.18.2-1.mag6 has been uploaded.

Status: NEW => RESOLVED
Resolution: (none) => FIXED