Bug 29676

Summary: accountsservice new security issue CVE-2021-3939
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: Mageia Bug Squad <bugsquad>
Status: RESOLVED INVALID QA Contact: Sec team <security>
Severity: critical    
Priority: Normal CC: marja11, nicolas.salguero
Version: Cauldron   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: MGA8TOO
Source RPM: accountsservice-0.6.55-2.mga8.src.rpm CVE:
Status comment: Patch available from Ubuntu

Description David Walser 2021-11-19 18:57:07 CET 
Ubuntu has issued an advisory on November 16:
https://ubuntu.com/security/notices/USN-5149-1

Mageia 8 is also affected.
David Walser 2021-11-19 18:57:25 CET

Whiteboard: (none) => MGA8TOO
Status comment: (none) => Patch available from Ubuntu

Comment 1 Nicolas Salguero 2021-11-20 13:27:55 CET 
Hi,

CVE-2021-3939 only affects Ubuntu because it was caused by the patch debian/patches/0010-set-language.patch.

Best regards,

Nico.

CC: (none) => nicolas.salguero

Comment 2 Marja Van Waes 2021-11-20 14:37:19 CET 
(In reply to Nicolas Salguero from comment #1)
> Hi,
> 
> CVE-2021-3939 only affects Ubuntu because it was caused by the patch
> debian/patches/0010-set-language.patch.
> 
> Best regards,
> 
> Nico.

Thanks Nico, so closing.

CC: (none) => marja11
Status: NEW => RESOLVED
Resolution: (none) => INVALID