Bug 22495 - coreutils new security issue CVE-2017-18018
Summary: coreutils new security issue CVE-2017-18018
Status: RESOLVED OLD
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 6
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: Base system maintainers
QA Contact: Sec team
URL:
Whiteboard:
Keywords:
Depends on: 23825
Blocks:
  Show dependency treegraph
 
Reported: 2018-01-31 03:33 CET by David Walser
Modified: 2019-11-06 13:19 CET (History)
3 users (show)

See Also:
Source RPM: coreutils-8.28-1.mga7.src.rpm
CVE:
Status comment: Patch available from Fedora, documentation-only fix

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2018-01-31 03:33:50 CET 
Fedora has issued an advisory today (January 30):
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/JK2ISMPYUEU3JS3L7AVXEHWCI56INCJJ/

Mageia 5 and Mageia 6 are also affected.

Seeing as the "fix" is only in the documentation, issuing an update just for this is unnecessary, but it would be nice to backport the change and commit it in SVN.
David Walser 2018-01-31 03:34:02 CET

Whiteboard: (none) => MGA6TOO

Marja Van Waes 2018-01-31 11:25:47 CET

Assignee: bugsquad => basesystem
CC: (none) => marja11, tmb

David Walser 2018-02-02 18:32:58 CET

Status comment: (none) => Patch available from Fedora, documentation-only fix

Comment 1 David Walser 2019-01-01 04:28:02 CET 
Fixed upstream in 8.30, updated in Cauldron by tv.

Version: Cauldron => 6
Whiteboard: MGA6TOO => (none)

David Walser 2019-01-01 04:28:05 CET

Depends on: (none) => 23825

Comment 2 Mike Rambo 2019-11-06 13:19:16 CET 
Mageia 6 is EOL.

Resolution: (none) => OLD
CC: (none) => mrambo
Status: NEW => RESOLVED
Note You need to log in before you can comment on or make changes to this bug.