Bug 22495

Summary: coreutils new security issue CVE-2017-18018
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: Base system maintainers <basesystem>
Status: RESOLVED OLD QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: marja11, mhrambo3501, tmb
Version: 6   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Source RPM: coreutils-8.28-1.mga7.src.rpm CVE:
Status comment: Patch available from Fedora, documentation-only fix
Bug Depends on: 23825    
Bug Blocks:    

Description David Walser 2018-01-31 03:33:50 CET 
Fedora has issued an advisory today (January 30):
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/JK2ISMPYUEU3JS3L7AVXEHWCI56INCJJ/

Mageia 5 and Mageia 6 are also affected.

Seeing as the "fix" is only in the documentation, issuing an update just for this is unnecessary, but it would be nice to backport the change and commit it in SVN.
David Walser 2018-01-31 03:34:02 CET

Whiteboard: (none) => MGA6TOO

Marja Van Waes 2018-01-31 11:25:47 CET

Assignee: bugsquad => basesystem
CC: (none) => marja11, tmb

David Walser 2018-02-02 18:32:58 CET

Status comment: (none) => Patch available from Fedora, documentation-only fix

Comment 1 David Walser 2019-01-01 04:28:02 CET 
Fixed upstream in 8.30, updated in Cauldron by tv.

Version: Cauldron => 6
Whiteboard: MGA6TOO => (none)

David Walser 2019-01-01 04:28:05 CET

Depends on: (none) => 23825

Comment 2 Mike Rambo 2019-11-06 13:19:16 CET 
Mageia 6 is EOL.

Resolution: (none) => OLD
CC: (none) => mrambo
Status: NEW => RESOLVED