Bug 25297

Summary: dhcp new security issue CVE-2019-6470
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: Base system maintainers <basesystem>
Status: RESOLVED OLD QA Contact: Sec team <security>
Severity: major    
Priority: Normal CC: marja11, shlomif, smelror
Version: 6   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Source RPM: dhcp-4.3.5-1.mga6.src.rpm CVE:
Status comment:

Description David Walser 2019-08-12 20:54:02 CEST 
RedHat has issued an advisory on August 6:
https://access.redhat.com/errata/RHSA-2019:2060

The issue is fixed upstream in 4.4.1.
Comment 1 Marja Van Waes 2019-08-14 07:47:56 CEST 
Assigning to the Base System Maintainers, bexause "urpmq --requires-recursive basesystem-minimal | grep dhcp" returns both dhcp-client and dhcp-common.
CC'ing the registered maintainer and a recent (Cauldron) submitter of the package.

CC: (none) => marja11, shlomif, smelror
Assignee: bugsquad => basesystem

Comment 2 David Walser 2019-11-06 00:36:04 CET 
Mageia 6 is EOL.

Resolution: (none) => OLD
Status: NEW => RESOLVED