| Summary: | jhead new security issues CVE-2021-34055 and CVE-2022-41751 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | Jani Välimaa <jani.valimaa> |
| Status: | RESOLVED OLD | QA Contact: | Sec team <security> |
| Severity: | critical | ||
| Priority: | Normal | CC: | geiger.david68210, nicolas.salguero |
| Version: | 8 | ||
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Source RPM: | jhead-3.06.0.1-2.mga9.src.rpm | CVE: | |
| Status comment: | Patches available from Fedora and openSUSE | ||
|
Description
David Walser
2022-10-27 14:49:15 CEST
David Walser
2022-10-27 14:49:25 CEST
Whiteboard:
(none) =>
MGA8TOO Assigning to Jani, registered maintainer. Assignee:
bugsquad =>
jani.valimaa openSUSE has issued an advisory for this on October 31: https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/SYRTRE3WPQSFOZ2DYZDAYDI3Q7I53AB6/ openSUSE has issued an advisory on November 14: https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VFW7LPBWACIK5T4XBHVQEUEXUGR6W2Q7/ Mageia 8 is also affected. Summary:
jhead new security issue CVE-2022-41751 =>
jhead new security issues CVE-2021-34055 and CVE-2022-41751 Debian has issued an advisory for this on December 4: https://www.debian.org/security/2022/dsa-5294 Ubuntu has issued an advisory for this on May 25: https://ubuntu.com/security/notices/USN-6108-1 Freeze move requested for jhead 3.08 in Cauldron, which should fix these. Fixed on cauldron! Version:
Cauldron =>
8 Mageia 8 EOL CC:
(none) =>
nicolas.salguero |