Bug 26666

Summary: abcm2ps new security issues CVE-2018-10753 and CVE-2018-10771
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: Alex Loginov <loginov_alex>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: major    
Priority: Normal CC: mageia
Version: Cauldron   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Source RPM: abcm2ps-7.8.14-2.mga8.src.rpm CVE:
Status comment:

Description David Walser 2020-05-21 22:26:37 CEST 
Fedora has issued an advisory today (May 21):
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/W6DUTXB4EC3TQHTTAAIBKJ54GJTF6Y7V/

The issues are fixed upstream in 8.13.21 and 8.14.7.
David Walser 2020-05-21 22:29:03 CEST

Status comment: (none) => Fixed upstream in 8.13.21 and 8.14.7

Comment 1 Nicolas Lécureuil 2020-05-22 00:13:06 CEST 
Fixed in cauldron

Status: NEW => RESOLVED
CC: (none) => mageia
Resolution: (none) => FIXED

Comment 2 David Walser 2020-05-22 00:57:42 CEST 
Now actually fixed in abcm2ps-8.14.7-1.mga8.

Status comment: Fixed upstream in 8.13.21 and 8.14.7 => (none)

Comment 3 David Walser 2022-04-17 13:47:00 CEST 
This update also fixed CVE-2019-1010069:
https://www.debian.org/lts/security/2022/dla-2983