| Summary: | patchelf new security issue CVE-2022-44940 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | major | ||
| Priority: | Normal | CC: | andrewsfarm, davidwhodgins, geiger.david68210, herman.viaene, sysadmin-bugs |
| Version: | 8 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA8-64-OK | ||
| Source RPM: | patchelf-0.11-1.mga8.src.rpm | CVE: | |
| Status comment: | |||
|
Description
David Walser
2023-05-06 22:48:47 CEST
David Walser
2023-05-06 22:48:59 CEST
Status comment:
(none) =>
Fixed upstream in 0.16.0 Done for both mga8 and cauldron! freeze_move asked for cauldron. CC:
(none) =>
geiger.david68210 patchelf-0.16.1-1.mga8 from patchelf-0.16.1-1.mga8.src.rpm Freeze move for Cauldron pending. Source RPM:
patchelf-0.15.0-1.mga9.src.rpm =>
patchelf-0.11-1.mga8.src.rpm Another bug for you DavidG, since you have already done it... Assignee:
bugsquad =>
geiger.david68210 Assigning to QA Assignee:
geiger.david68210 =>
qa-bugs
David GEIGER
2023-05-12 06:36:20 CEST
Version:
Cauldron =>
8 MGA8-64 MATE on Acer Aspire 5253
No installation issues
No wiki, no previous updates. MCC reads "PatchELF is a simple utility for modifying an existing ELF executable or library. It can change the dynamic loader ("ELF interpreter") of an executable and change the RPATH of an executable or library."
That does nor sound like something an everyday user (or a QA person at that) would need to know.
At least it does nt seem to harm my system, so I propose to OK this on clean install.Whiteboard:
(none) =>
MGA8-64-OK Validating. Keywords:
(none) =>
validated_update
Dave Hodgins
2023-05-21 02:19:34 CEST
CC:
(none) =>
davidwhodgins An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2023-0179.html Status:
NEW =>
RESOLVED |