Bug 22816 - plexus-utils new security issue CVE-2017-1000487
Summary: plexus-utils new security issue CVE-2017-1000487
Status: RESOLVED OLD
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 5
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: Mageia Bug Squad
QA Contact: Sec team
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2018-03-21 20:41 CET by David Walser
Modified: 2018-03-31 21:23 CEST (History)
0 users

See Also:
Source RPM: plexus-utils-3.0.14-5.mga5.src.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2018-03-21 20:41:03 CET 
Debian has issued an advisory on March 20:
https://www.debian.org/security/2018/dsa-4146

The issue was fixed upstream in 3.0.16.
Comment 1 David Walser 2018-03-21 20:41:14 CET 
We won't be fixing this, but I filed it so we would have a record of it.

Status: NEW => RESOLVED
Resolution: (none) => OLD

Comment 2 David Walser 2018-03-31 21:23:53 CEST 
Debian has issued an advisory for this for 3.0.x on March 22:
https://www.debian.org/security/2018/dsa-4149
Note You need to log in before you can comment on or make changes to this bug.