Debian has issued an advisory on June 1: https://www.debian.org/security/2017/dsa-3871 Mageia 5 is also affected.
CC: (none) => mageiaWhiteboard: (none) => MGA5TOO
Fixed for cauldron! but unfortunately for mga5 it doesn't build with the debian patch: /home/iurt/rpmbuild/BUILD/zookeeper-3.4.5/src/java/test/org/apache/zookeeper/test/FourLetterWordsWhiteListTest.java:165: error: cannot find symbol String sid = getHexSessionId(zk.getSessionId()); /home/iurt/rpmbuild/BUILD/zookeeper-3.4.5/src/java/test/org/apache/zookeeper/test/FourLetterWordsWhiteListTest.java:250: error: method send4LetterWord in class FourLetterWordMain cannot be applied to given types; return send4LetterWord(hpobj.host, hpobj.port, cmd, timeout);
Weird, since Debian has 3.4.5 also. Do we need another patch from them?
Whiteboard: MGA5TOO => (none)Version: Cauldron => 5
This issue can also be fixed by upgrading to 3.4.10. Very late advisory from upstream for this from today (October 9): http://openwall.com/lists/oss-security/2017/10/09/10
We won't be fixing this type of package for Mageia 5.
Resolution: (none) => OLDStatus: NEW => RESOLVED