Bug 30635

Summary: libzypp new security issue bsc#1184501
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: Christiaan Welvaart <cjw>
Status: RESOLVED OLD QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: geiger.david68210, marja11, nicolas.salguero
Version: 8   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Source RPM: libzypp-17.28.4-7.mga9.src.rpm CVE:
Status comment: 17.29.6

Description David Walser 2022-07-14 19:18:25 CEST 
SUSE has issued an advisory today (July 14):
https://lists.suse.com/pipermail/sle-security-updates/2022-July/011544.html

The issue is fixed upstream in 17.29.6.

Mageia 8 is also affected.
David Walser 2022-07-14 19:18:40 CEST

Whiteboard: (none) => MGA8TOO
Status comment: (none) => 17.29.6

Comment 1 Marja Van Waes 2022-07-16 11:34:32 CEST 
Assigning to our registered libzypp maintainer.

CC: (none) => marja11
Assignee: bugsquad => cjw

Comment 2 David Walser 2022-09-01 23:17:51 CEST 
openSUSE has issued an advisory for this today (September 1):
https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/AYJVCDZFHL3RLKSFHF4ITKBC25PHGJ5K/
Comment 3 David GEIGER 2023-07-01 16:46:39 CEST 
cauldron was updated to 17.31.1, so fixed here.

CC: (none) => geiger.david68210
Version: Cauldron => 8
Whiteboard: MGA8TOO => (none)

Comment 4 Nicolas Salguero 2024-01-12 09:59:13 CET 
Mageia 8 EOL

CC: (none) => nicolas.salguero
Status: NEW => RESOLVED
Resolution: (none) => OLD