Bug 22557

Summary: ruby-omniauth new security CVE-2017-18076
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: Mageia Bug Squad <bugsquad>
Status: RESOLVED OLD QA Contact: Sec team <security>
Severity: normal    
Priority: Normal    
Version: 5   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Source RPM: ruby-omniauth-1.2.1-3.mga5.src.rpm CVE:
Status comment:

Description David Walser 2018-02-10 21:05:27 CET 
Debian has issued an advisory on February 9:
https://www.debian.org/security/2018/dsa-4109

From the Debian bug, it sounds like it was fixed upstream in 1.6.1.

We dropped this package after Mageia 5 and it's not worth fixing in Mageia 5 now (nothing appears to use it).  Filing this bug just for informational purposes.
Comment 1 David Walser 2018-02-10 21:05:42 CET 
Closing.

Resolution: (none) => OLD
Status: NEW => RESOLVED