Bug 24754

Summary: gnuplot new security issues CVE-2018-1949[0-2]
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: All Packagers <pkg-bugs>
Status: RESOLVED OLD QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: geiger.david68210, mageia, marja11, nicolas.salguero, rverschelde, thierry.vignaud, tmb
Version: 6   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Source RPM: gnuplot-5.2.2-4.mga7.src.rpm CVE:
Status comment:

Description David Walser 2019-05-03 20:42:51 CEST 
openSUSE has issued an advisory on April 16:
https://lists.opensuse.org/opensuse-updates/2019-04/msg00130.html

Mageia 6 is also affected.
David Walser 2019-05-03 20:42:56 CEST

Whiteboard: (none) => MGA6TOO

Comment 1 Marja Van Waes 2019-05-03 21:18:01 CEST 
Assigning to all packagers collectively, since there is no registered maintainer for this package.
Also CC'ing some submitters

Assignee: bugsquad => pkg-bugs
CC: (none) => geiger.david68210, mageia, marja11, rverschelde, thierry.vignaud

Comment 2 Nicolas Salguero 2019-06-07 15:44:51 CEST 
Hi,

For Cauldron, gnuplot-5.2.2-5.mga7 should solve that issue.

Best regards,

Nico.

CC: (none) => nicolas.salguero

Comment 3 David Walser 2019-06-07 19:16:16 CEST 
Thanks.  Hopefully it can be pushed to core/release.

Whiteboard: MGA6TOO => MGA7TOO, MGA6TOO
CC: (none) => tmb

Comment 4 Thomas Backlund 2019-06-18 21:43:00 CEST 
Cauldron package moved

Whiteboard: MGA7TOO, MGA6TOO => (none)
Version: Cauldron => 6

Comment 5 Nicolas Salguero 2019-11-06 16:23:01 CET 
Mageia 6 EOL

Resolution: (none) => OLD
Status: NEW => RESOLVED

Comment 6 David Walser 2020-11-02 16:11:39 CET 
*** Bug 27330 has been marked as a duplicate of this bug. ***