RedHat Satellite 6.4 fixed a security issue in hibernate-validator: https://access.redhat.com/errata/RHSA-2018:2927 https://bugzilla.redhat.com/show_bug.cgi?id=1465573 Mageia 6 is also affected.
Whiteboard: (none) => MGA6TOO
Whiteboard: MGA6TOO => MGA7TOO, MGA6TOO
Whiteboard: MGA7TOO, MGA6TOO => MGA7TOOCC: (none) => mageia
This package has been (mercifully) dropped in Cauldron. RedHat has issued an advisory on October 27: https://access.redhat.com/errata/RHSA-2020:4366 It fixes a new issue in hibernate-validator that was fixed upstream in 6.0.20. The original CVE in this bug was fixed upstream in 5.3.5.
Summary: hibernate-validator new security issue CVE-2017-7536 => hibernate-validator new security issues CVE-2017-7536 and CVE-2020-10693Source RPM: hibernate-validator-5.0.1-9.mga7.src.rpm => hibernate-validator-5.2.4-1.mga7.src.rpmVersion: Cauldron => 7
Whiteboard: MGA7TOO => (none)
https://blog.mageia.org/en/2021/06/08/mageia-7-will-reach-end-of-support-on-30th-of-june-the-king-is-dead-long-live-the-king/
Status: NEW => RESOLVEDResolution: (none) => OLD