Bug 23879 - libconfuse new security issue CVE-2018-14447
Summary: libconfuse new security issue CVE-2018-14447
Status: RESOLVED OLD
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 6
Hardware: All Linux
Priority: Normal major
Target Milestone: ---
Assignee: Jack M
QA Contact: Sec team
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2018-11-22 03:40 CET by David Walser
Modified: 2019-11-06 13:46 CET (History)
2 users (show)

See Also:
Source RPM: libconfuse-3.2.1-4.mga7.src.rpm
CVE:
Status comment:


Attachments

Description David Walser 2018-11-22 03:40:25 CET
Fedora has issued an advisory tomorrow (November 22):
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/UQNPFOHU42XZSP322DZUSQCPRCWDEXSO/

The issue is fixed upstream in 3.2.2.

Mageia 6 is also affected.
David Walser 2018-11-22 03:40:32 CET

Whiteboard: (none) => MGA6TOO

Comment 1 David GEIGER 2018-11-22 07:08:21 CET
Assigning to the registered maintainer.

CC: (none) => geiger.david68210
Assignee: bugsquad => jackal.j

Comment 2 David Walser 2018-11-22 18:54:53 CET
libconfuse-3.2.2-1.mga7 uploaded for Cauldron by David.

Whiteboard: MGA6TOO => (none)
Version: Cauldron => 6

Comment 3 Mike Rambo 2019-11-06 13:46:24 CET
Mageia 6 is EOL.

Resolution: (none) => OLD
CC: (none) => mrambo
Status: NEW => RESOLVED


Note You need to log in before you can comment on or make changes to this bug.