Bug 20774 - coreutils new security issue CVE-2017-7476
Summary: coreutils new security issue CVE-2017-7476
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: Cauldron
Hardware: All Linux
Priority: Normal critical
Target Milestone: ---
Assignee: Base system maintainers
QA Contact: Sec team
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-05-02 03:33 CEST by David Walser
Modified: 2017-05-02 14:05 CEST (History)
3 users (show)

See Also:
Source RPM: coreutils-8.25-2.mga6.src.rpm
CVE: CVE-2017-7476
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2017-05-02 03:33:07 CEST 
Fedora has issued an advisory today (May 1):
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/B3HWXO6ND4Y7A7Q7KF5GUQ2BZANS6E4P/

The upstream fix is linked from the RedHat bug:
https://bugzilla.redhat.com/show_bug.cgi?id=1445185

Mageia 5 is not affected.
Comment 1 Marja Van Waes 2017-05-02 07:31:21 CEST 
Assigning to the basesystem maintainers, while CC'ing the registered maintainer.

Assignee: bugsquad => basesystem
CC: (none) => marja11, tmb

Comment 2 Nicolas Lécureuil 2017-05-02 14:05:38 CEST 
Fixed in cauldron

CVE: (none) => CVE-2017-7476
Status: NEW => RESOLVED
Resolution: (none) => FIXED
CC: (none) => mageia
Note You need to log in before you can comment on or make changes to this bug.