| Summary: | libqb new security issue CVE-2023-39976 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | Nicolas Salguero <nicolas.salguero> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | normal | ||
| Priority: | Normal | CC: | andrewsfarm, marja11, sysadmin-bugs |
| Version: | 9 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA9-64-OK | ||
| Source RPM: | libqb-2.0.6-1.mga9.src.rpm | CVE: | CVE-2023-39976 |
| Status comment: | Fixed upstream in 2.0.8 | ||
|
Description
Nicolas Salguero
2023-11-24 12:30:33 CET
Nicolas Salguero
2023-11-24 12:31:29 CET
Source RPM:
(none) =>
libqb-2.0.6-1.mga9.src.rpm The main pkg is lib64qb100. Cauldron already has v2.0.8 This was put up by DavidG, so can we ask you to the M9 bit? (+ advisory). Assignee:
bugsquad =>
geiger.david68210 Assigning to QA, Package in 9/Core/Updates_testing: ===================== libqb-devel-2.0.8-1.mga9 lib64qb-devel-2.0.8-1.mga9 doxygen2man-2.0.8-1.mga9 libqb100-2.0.8-1.mga9 lib64qb100-2.0.8-1.mga9 From SRPMS: libqb-2.0.8-1.mga9.src.rpm Assignee:
geiger.david68210 =>
qa-bugs Advisory with the SRPM from comment 2 added to SVN. Please remove the "advisory" keyword if it needs to be changed. It also helps when obsolete advisories are tagged as "obsolete" CC:
(none) =>
marja11 MGA9-64 Plasma in VirtualBox: No installation issues over the old packages. No previous updates for doxygen2man. One for libqb, bug 25751, which, apparently after some discussion at a QA meeting, was validated on a clean install. Looking on the Web at doxygen2man, it appears that application is also in developer territory, beyond the scope of QA. So... Giving this an OK and validating, based on the clean install. Keywords:
(none) =>
validated_update An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2023-0339.html Resolution:
(none) =>
FIXED |