Bug 31884

Summary: indent new security issue(s) bsc#1209718
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: andrewsfarm, davidwhodgins, geiger.david68210, herman.viaene, sysadmin-bugs
Version: 8Keywords: advisory, validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: MGA8-64-OK
Source RPM: indent-2.2.12-2.mga8.src.rpm CVE:
Status comment:

Description David Walser 2023-05-06 23:16:54 CEST 
SUSE has issued an advisory on April 24:
https://lists.suse.com/pipermail/sle-security-updates/2023-April/014560.html

The issue(s) is/are fixed upstream in 2.2.13.

Mageia 8 is also affected.
David Walser 2023-05-06 23:17:05 CEST

Status comment: (none) => Fixed upstream in 2.2.13
Whiteboard: (none) => MGA8TOO

Comment 1 David GEIGER 2023-05-07 17:39:51 CEST 
Done for both mga8 and cauldron!

freeze_move asked for cauldron.

CC: (none) => geiger.david68210

Comment 2 David Walser 2023-05-07 19:39:46 CEST 
indent-2.2.13-1.mga8

from indent-2.2.13-1.mga8.src.rpm


Freeze move pending for Cauldron.

Status comment: Fixed upstream in 2.2.13 => (none)
Source RPM: indent-2.2.12-3.mga9.src.rpm => indent-2.2.12-2.mga8.src.rpm

Comment 3 Lewis Smith 2023-05-07 21:11:16 CEST 
Yet another to assign to you, DavidG, as you have already done it!

CC: geiger.david68210 => (none)
Assignee: bugsquad => geiger.david68210

Comment 4 David GEIGER 2023-05-12 06:36:04 CEST 
Assigning to QA

Whiteboard: MGA8TOO => (none)
Assignee: geiger.david68210 => qa-bugs
Version: Cauldron => 8

David Walser 2023-05-14 01:43:04 CEST

CC: (none) => geiger.david68210

Comment 5 Herman Viaene 2023-05-15 17:18:31 CEST 
MGA8-64 MATE on Acer Aspire 5253
No installation issues
No wiki, no previous updates, so looking for an short testt I found loads of info on https://linux.die.net/man/1/indent.
Took one example in file testcindent.c reading
#if X
#if Y
#define Z 1
#else
#define Z 0
#endif
#endif
Running command
$ indent testcindent.c -o testcindentform.c -ppi 3
result in contents of testcindentform.c :
#if X
#   if Y
#      define Z 1
#   else
#      define Z 0
#   endif
#endif
As exxpected, so good to go.

CC: (none) => herman.viaene
Whiteboard: (none) => MGA8-64-OK

Comment 6 Thomas Andrews 2023-05-16 00:04:04 CEST 
Validating.

CC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => validated_update

Dave Hodgins 2023-05-16 19:10:12 CEST

CC: (none) => davidwhodgins
Keywords: (none) => advisory

Comment 7 Mageia Robot 2023-05-16 21:19:12 CEST 
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2023-0168.html

Resolution: (none) => FIXED
Status: NEW => RESOLVED