Bug 30771

Summary: systemd new security issue CVE-2022-2526
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: Thomas Backlund <tmb>
Status: RESOLVED INVALID QA Contact: Sec team <security>
Severity: critical    
Priority: Normal    
Version: Cauldron   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: MGA8TOO
Source RPM: systemd-251.4-1.mga9.src.rpm CVE:
Status comment:

Description David Walser 2022-08-24 21:27:52 CEST 
RedHat has issued an advisory today (August 24):
https://access.redhat.com/errata/RHSA-2022:6160

Mageia 8 is also affected.
David Walser 2022-08-24 21:27:59 CEST

Whiteboard: (none) => MGA8TOO

Comment 1 Thomas Backlund 2022-08-24 21:52:32 CEST 
 Ancient bug.

 Fix landed upstream in 2018 in v240, and mga8 has v246.

Resolution: (none) => INVALID
Status: NEW => RESOLVED

Comment 2 David Walser 2022-08-24 21:54:39 CEST 
I see, thanks.  I guess they only recently realized the security implications of the fix, hence the 2022 CVE.