| Summary: | toxcore new security issue CVE-2021-44847 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | critical | ||
| Priority: | Normal | CC: | andrewsfarm, davidwhodgins, eatdirt, herman.viaene, mageia, sysadmin-bugs |
| Version: | 8 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA8-64-OK | ||
| Source RPM: | toxcore-0.2.12-1.mga8.src.rpm | CVE: | |
| Status comment: | |||
|
Description
David Walser
2021-12-27 18:57:04 CET
David Walser
2021-12-27 18:57:18 CET
Status comment:
(none) =>
Fixed upstream in 0.2.13 new version pushed in mga9.
Fixed in mga8:
src:
- toxcore-0.2.12-1.1.mga8Whiteboard:
MGA8TOO =>
(none) libtoxcore-devel-0.2.12-1.1.mga8 libtoxcore2-0.2.12-1.1.mga8 from toxcore-0.2.12-1.1.mga8.src.rpm MGA8-64 Plasma on Lenovo B50 in Dutch No installation issues. Installed qtox to test $ strace -o libtox.txt qtox [15:13:53.012 UTC] persistence/db/rawdatabase.cpp:199 : Info: Opened database with SQLCipher "4.0 default" parameters [ALSOFT] (WW) Querying error state on null context (implicitly 0xa004) [15:13:53.815 UTC] net/updatecheck.cpp:139 : Info: Update available to version "v1.17.4" [15:13:55.943 UTC] network.c:556 : Warning: unknown address type: 0 The qtoxwindow opened OK and I could add a new profile. Then rumaged around in the different tabs. Checked the trace, found refs to libtoxcore. OK for me. Whiteboard:
(none) =>
MGA8-64-OK Validating. Keywords:
(none) =>
validated_update
Dave Hodgins
2021-12-30 03:02:59 CET
Keywords:
(none) =>
advisory An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2021-0596.html Resolution:
(none) =>
FIXED |