Bug 23207

Summary: ruby-sprockets new security issue CVE-2018-3760
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: Mageia Bug Squad <bugsquad>
Status: RESOLVED OLD QA Contact: Sec team <security>
Severity: normal    
Priority: Normal    
Version: 5   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Source RPM: ruby-sprockets-2.12.3-1.mga5.src.rpm CVE:
Status comment:

Description David Walser 2018-06-20 13:24:19 CEST 
A security issue fixed upstream in ruby-sprockets has been announced:
http://openwall.com/lists/oss-security/2018/06/19/2
Comment 1 David Walser 2018-06-20 13:24:43 CEST 
We won't be fixing this package (dropped in Mageia 6).  Bug filed for information purposes.

Resolution: (none) => OLD
Status: NEW => RESOLVED

Comment 2 David Walser 2018-06-30 18:52:18 CEST 
openSUSE has issued an advisory for this on June 29:
https://lists.opensuse.org/opensuse-updates/2018-06/msg00146.html