Bug 22835 - slf4j new security issue CVE-2018-8088
Summary: slf4j new security issue CVE-2018-8088
Status: RESOLVED OLD
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 6
Hardware: All Linux
Priority: Normal critical
Target Milestone: ---
Assignee: Java Stack Maintainers
QA Contact: Sec team
URL:
Whiteboard:
Keywords:
: 27915 (view as bug list)
Depends on:
Blocks: 22859
  Show dependency treegraph
 
Reported: 2018-03-27 15:28 CEST by David Walser
Modified: 2020-12-23 17:59 CET (History)
2 users (show)

See Also:
Source RPM: slf4j-1.7.22-1.mga6.src.rpm
CVE:
Status comment: Patch available from Fedora and CentOS

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2018-03-27 15:28:08 CEST 
RedHat has issued an advisory on March 26:
https://access.redhat.com/errata/RHSA-2018:0592

Mageia 5 and Mageia 6 are also affected.
David Walser 2018-03-27 15:28:30 CEST

Whiteboard: (none) => MGA6TOO

David Walser 2018-05-04 08:35:33 CEST

Status comment: (none) => Patch available from Fedora and CentOS

Comment 2 David Walser 2018-06-10 20:12:33 CEST 
openSUSE has issued an advisory for this on June 9:
https://lists.opensuse.org/opensuse-updates/2018-06/msg00050.html
Comment 3 David Walser 2019-01-01 05:05:10 CET 
slf4j-1.7.25-1.mga7 uploaded for Cauldron by David Geiger to fix this.

Whiteboard: MGA6TOO => (none)
Version: Cauldron => 6

David Walser 2019-02-20 23:26:24 CET

Blocks: (none) => 22859

Comment 4 Mike Rambo 2019-11-06 13:23:15 CET 
Mageia 6 is EOL.

Status: NEW => RESOLVED
CC: (none) => mrambo
Resolution: (none) => OLD

Comment 5 David Walser 2020-12-23 17:59:38 CET 
*** Bug 27915 has been marked as a duplicate of this bug. ***

CC: (none) => zombie_ryushu
Note You need to log in before you can comment on or make changes to this bug.