Bug 24335 - pagure new security issue CVE-2019-7628
Summary: pagure new security issue CVE-2019-7628
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: Cauldron
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: Neal Gompa
QA Contact: Sec team
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2019-02-10 19:00 CET by David Walser
Modified: 2019-03-12 15:20 CET (History)
0 users

See Also:
Source RPM: pagure-5.2-4.mga7.src.rpm
CVE:
Status comment: Fixed upstream in 5.3

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2019-02-10 19:00:02 CET 
A security issue in Pagure has been announced on February 8:
https://www.openwall.com/lists/oss-security/2019/02/08/1
Comment 1 David Walser 2019-03-12 15:20:15 CET 
Fedora has issued an advisory for this on February 24:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/S2EOZZCWSNGXKL7CP3HFPWHO4B2KLZDT/

Fixed in Cauldron in pagure-5.3-1.mga7 by Neal two weeks ago.

Resolution: (none) => FIXED
Status comment: (none) => Fixed upstream in 5.3
Status: NEW => RESOLVED
Note You need to log in before you can comment on or make changes to this bug.