Bug 30343

Summary: zchunk new security issues fixed upstream in 1.2.2
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: All Packagers <pkg-bugs>
Status: RESOLVED OLD QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: nicolas.salguero
Version: 8   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Source RPM: zchunk-1.1.9-1.mga8.src.rpm CVE:
Status comment:

Description David Walser 2022-04-26 17:23:39 CEST 
Fedora has issued an advisory today (April 26):
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/XXII4AWVNWF633A6PKSLIV66YXGQBUVN/

The issues are fixed upstream in 1.2.2.

Mageia 8 is also affected.
David Walser 2022-04-26 17:23:50 CEST

Whiteboard: (none) => MGA8TOO

Comment 1 Lewis Smith 2022-04-26 20:39:47 CEST 
This is supposidly Neal's baby, but other people have been maintaining it for a long time, so assigning this globally.

Assignee: bugsquad => pkg-bugs

Comment 2 Nicolas Salguero 2022-05-10 13:27:51 CEST 
Hi,

For Cauldron, zchunk was updated to version 1.2.2.

Best regards,

Nico.

CC: (none) => nicolas.salguero
Whiteboard: MGA8TOO => (none)
Version: Cauldron => 8
Source RPM: zchunk-1.2.1-2.mga9.src.rpm => zchunk-1.1.9-1.mga8.src.rpm

Comment 3 Nicolas Salguero 2024-01-12 09:50:14 CET 
Mageia 8 EOL

Resolution: (none) => OLD
Status: NEW => RESOLVED