Bug 24510

Summary: waagent new security issue CVE-2019-0804
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: All Packagers <pkg-bugs>
Status: RESOLVED OLD QA Contact: Sec team <security>
Severity: major    
Priority: Normal CC: geiger.david68210, marja11, nicolas.salguero
Version: 6   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Source RPM: waagent-2.2.34-2.mga7.src.rpm CVE:
Status comment:

Description David Walser 2019-03-13 19:54:50 CET 
Debian and Ubuntu have issued advisories on March 12:
https://www.debian.org/security/2019/dsa-4406
https://usn.ubuntu.com/3907-1/

Mageia 6 is also affected.
David Walser 2019-03-13 19:54:55 CET

Whiteboard: (none) => MGA6TOO

Comment 1 Marja Van Waes 2019-03-14 16:12:16 CET 
Assigning to all packagers collectively, since there is no registered maintainer for this package.
Also CC'ing a submitter.

Assignee: bugsquad => pkg-bugs
CC: (none) => geiger.david68210, marja11

Comment 2 Nicolas Salguero 2019-03-26 13:48:24 CET 
Hi,

For Cauldron, waagent-2.2.34-3.mga7 should solve that issue.

Best regards,

Nico.

CC: (none) => nicolas.salguero

David Walser 2019-03-26 14:09:04 CET

Whiteboard: MGA6TOO => (none)
Version: Cauldron => 6

Comment 3 Nicolas Salguero 2019-11-06 16:18:30 CET 
Mageia 6 EOL

Status: NEW => RESOLVED
Resolution: (none) => OLD