Bug 20774

Summary: coreutils new security issue CVE-2017-7476
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: Base system maintainers <basesystem>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: critical    
Priority: Normal CC: mageia, marja11, tmb
Version: Cauldron   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Source RPM: coreutils-8.25-2.mga6.src.rpm CVE: CVE-2017-7476
Status comment:

Description David Walser 2017-05-02 03:33:07 CEST 
Fedora has issued an advisory today (May 1):
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/B3HWXO6ND4Y7A7Q7KF5GUQ2BZANS6E4P/

The upstream fix is linked from the RedHat bug:
https://bugzilla.redhat.com/show_bug.cgi?id=1445185

Mageia 5 is not affected.
Comment 1 Marja Van Waes 2017-05-02 07:31:21 CEST 
Assigning to the basesystem maintainers, while CC'ing the registered maintainer.

Assignee: bugsquad => basesystem
CC: (none) => marja11, tmb

Comment 2 Nicolas Lécureuil 2017-05-02 14:05:38 CEST 
Fixed in cauldron

CVE: (none) => CVE-2017-7476
Status: NEW => RESOLVED
Resolution: (none) => FIXED
CC: (none) => mageia