openSUSE has issued an advisory on July 20: https://lists.opensuse.org/opensuse-updates/2019-07/msg00075.html The issue is fixed upstream in 4.3.4.
Done for mga7 updating to the 4.4.0 release!
Advisory: ======================== Updated fence-agents package fixes security vulnerability: Denial of service via guest VM comments (CVE-2019-10153). References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10153 https://lists.opensuse.org/opensuse-updates/2019-07/msg00075.html ======================== Updated packages in core/updates_testing: ======================== fence-agents-4.4.0-1.mga7 from fence-agents-4.4.0-1.mga7.src.rpm
Assignee: geiger.david68210 => qa-bugsCC: (none) => geiger.david68210
MGA7-64 Plasma on Lenovo B50 At installation in MCC I get: The following package has to be removed to upgrade others: krb5-appl-clients-1.0.3-10.mga7.x86_64 (bacause of conflicts with netkit-telnet). # urpmq --whatrequires fence-agents fence-agents From MCC :"Fence Agents is a collection of scripts to handle remote power management for several devices." If someone else has an idea what this is about, I don't. Or agree to OK clean install, there seem to be no adverse effects.
CC: (none) => herman.viaene
It's all beyond me, too. But, I can confirm your experience with a clean install and no ill effects. Going to let this one go on just that. Clean install OK on 64-bit. Validating. Advisory in Comment 2.
Whiteboard: (none) => MGA7-64-OKCC: (none) => andrewsfarm, sysadmin-bugsKeywords: (none) => validated_update
CC: (none) => tmbKeywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2019-0398.html
Status: NEW => RESOLVEDResolution: (none) => FIXED