24510 – waagent new security issue CVE-2019-0804

Bug 24510 - waagent new security issue CVE-2019-0804

Summary: waagent new security issue CVE-2019-0804

Status:	RESOLVED OLD

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	Security (show other bugs)
Version:	6
Hardware:	All Linux

Priority:	Normal Severity: major
Target Milestone:	---
Assignee:	All Packagers
QA Contact:	Sec team

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2019-03-13 19:54 CET by David Walser
Modified:	2019-11-06 16:18 CET (History)
CC List:	3 users (show)

See Also:
Source RPM:	waagent-2.2.34-2.mga7.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2019-03-13 19:54:50 CET

Debian and Ubuntu have issued advisories on March 12:
https://www.debian.org/security/2019/dsa-4406
https://usn.ubuntu.com/3907-1/

Mageia 6 is also affected.

David Walser 2019-03-13 19:54:55 CET

Whiteboard: (none) => MGA6TOO

Comment 1 Marja Van Waes 2019-03-14 16:12:16 CET

Assigning to all packagers collectively, since there is no registered maintainer for this package.
Also CC'ing a submitter.

Assignee: bugsquad => pkg-bugs
CC: (none) => geiger.david68210, marja11

Comment 2 Nicolas Salguero 2019-03-26 13:48:24 CET

Hi,

For Cauldron, waagent-2.2.34-3.mga7 should solve that issue.

Best regards,

Nico.

CC: (none) => nicolas.salguero

David Walser 2019-03-26 14:09:04 CET

Whiteboard: MGA6TOO => (none)
Version: Cauldron => 6

Comment 3 Nicolas Salguero 2019-11-06 16:18:30 CET

Mageia 6 EOL

Status: NEW => RESOLVED
Resolution: (none) => OLD

Note You need to log in before you can comment on or make changes to this bug.