Bug 20112 - springframework-security new security issue CVE-2016-9879
Summary: springframework-security new security issue CVE-2016-9879
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: Cauldron
Hardware: All Linux
Priority: Normal major
Target Milestone: ---
Assignee: Nicolas Lécureuil
QA Contact: Sec team
URL: https://lwn.net/Vulnerabilities/711462/
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-01-13 12:29 CET by David Walser
Modified: 2017-04-28 14:03 CEST (History)
1 user (show)

See Also:
Source RPM: springframework-security-3.2.7-2.mga6.src.rpm
CVE: CVE-2016-9879
Status comment:


Attachments

Description David Walser 2017-01-13 12:29:56 CET
Fedora has issued an advisory on January 12:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/LUQ2JZ2N3HMLWKPM6YN2MSQOMOGRNHIF/

The issue is fixed upstream in 3.2.10:
https://bugzilla.redhat.com/show_bug.cgi?id=1409838

I'm not sure why this package is in Cauldron, as we didn't have it in Mageia 5.
David Walser 2017-01-13 12:30:11 CET

CC: (none) => geiger.david68210

Comment 1 Nicolas Lécureuil 2017-04-28 14:03:15 CEST
Fixed in cauldron

Status: NEW => RESOLVED
Resolution: (none) => FIXED
CVE: (none) => CVE-2016-9879


Note You need to log in before you can comment on or make changes to this bug.