| Summary: | sysstat new security issue CVE-2019-16167 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | normal | ||
| Priority: | Normal | CC: | geiger.david68210, mageia, sysadmin-bugs, tmb |
| Version: | 7 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA7-64-OK | ||
| Source RPM: | sysstat-12.1.4-1.mga7.src.rpm | CVE: | |
| Status comment: | |||
|
Description
David Walser
2019-12-03 18:58:52 CET
Done! Advisory: ======================== Updated sysstat package fixes security vulnerability: Memory corruption due to an integer overflow (CVE-2019-16167). References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16167 https://lists.opensuse.org/opensuse-updates/2019-10/msg00168.html ======================== Updated packages in core/updates_testing: ======================== sysstat-12.1.6-1.mga7 from sysstat-12.1.6-1.mga7.src.rpm CC:
(none) =>
geiger.david68210 Installed and tested without issues. Tested the following CLI binaries: /usr/bin/iostat /usr/bin/mpstat /usr/bin/pidstat /usr/bin/sadf /usr/bin/sar No issues where observed in the various tests. Don't have CIFS or tapes so can't do a meaningful test for these CLI binaries: /usr/bin/cifsiostat /usr/bin/tapestat System: Mageia 7, x86_64, Intel CPU, 2 SSD drives, 1 HDD drive, 3 USB drives. $ uname -a Linux marte 5.3.13-desktop-2.mga7 #1 SMP Mon Nov 25 20:30:40 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux $ rpm -q sysstat sysstat-12.1.6-1.mga7 CC:
(none) =>
mageia
Thomas Backlund
2019-12-06 14:32:26 CET
CC:
(none) =>
tmb, sysadmin-bugs An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2019-0371.html Status:
NEW =>
RESOLVED |