| Summary: | libzypp, zypper new security issue CVE-2017-9271 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | Nicolas Lécureuil <mageia> |
| Status: | RESOLVED OLD | QA Contact: | Sec team <security> |
| Severity: | normal | ||
| Priority: | Normal | CC: | cjw |
| Version: | 7 | ||
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Source RPM: | libzypp-17.20.0-6.mga8.src.rpm, zypper-1.14.33-2.mga8.src.rpm | CVE: | |
| Status comment: | Fixed upstream in libzypp 17.25.4 / zypper 1.14.41 | ||
|
Description
David Walser
2021-01-13 19:29:21 CET
David Walser
2021-01-13 19:30:01 CET
Whiteboard:
(none) =>
MGA7TOO Freeze push asked for cauldron. Version:
Cauldron =>
7
David Walser
2021-01-13 22:22:31 CET
Version:
7 =>
Cauldron Re-reading the advisory, it looks like zypper needs updated to 1.14.41 too. Status comment:
Fixed upstream in 17.25.4 =>
Fixed upstream in libzypp 17.25.4 / zypper 1.14.41 Done: in cauldron, Wed Jan 13, New version 1.14.42. Leaving this with NicolasL as already dealing with it. CC'ing cjw as the principle maintaner. Assignee:
bugsquad =>
mageia libzypp and zypper are now fixed in cauldron Whiteboard:
MGA7TOO =>
(none) openSUSE has issued an advisory for this on January 14: https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/FB5G3FIS4OQH3FX723SLMBOC4P37HKHV/ https://blog.mageia.org/en/2021/06/08/mageia-7-will-reach-end-of-support-on-30th-of-june-the-king-is-dead-long-live-the-king/ Resolution:
(none) =>
OLD |