openSUSE has issued an advisory on September 17: https://lists.opensuse.org/opensuse-updates/2019-09/msg00101.html The issue is fixed upstream in 0.15.3.
CC: (none) => geiger.david68210, jani.valimaa
Done!
Assigning to neoclust as registered maintainer.
Assignee: bugsquad => mageia
Advisory: ======================== Updated python-werkzeug packages fix security vulnerability: Pallets Werkzeug before 0.15.3, when used with Docker, has insufficient debugger PIN randomness because Docker containers share the same machine id (CVE-2019-14806). References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14806 https://lists.opensuse.org/opensuse-updates/2019-09/msg00101.html ======================== Updated packages in core/updates_testing: ======================== python2-werkzeug-0.15.3-1.mga7 python3-werkzeug-0.15.3-1.mga7 from python-werkzeug-0.15.3-1.mga7.src.rpm
Assignee: mageia => qa-bugsCC: (none) => mageia
MGA7-64 Plasma on Lenovo B50 No installation issues. As in bug 22105 Comment 3 urpmq did not show something easy to test; Continued along Dave in Comment, installed openerd-server, but this one comes with its own problems as trying to start , fails on /etc/openerp/start.d not found. Otherwise the installation does ot seem to harm something else.
CC: (none) => herman.viaene
giving this an OK based on Herman's clean install. Validating. Advisory in Comment 3.
Whiteboard: (none) => MGA7-64-OKCC: (none) => andrewsfarm, sysadmin-bugsKeywords: (none) => validated_update
Keywords: (none) => advisoryCC: (none) => tmb
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2020-0004.html
Status: NEW => RESOLVEDResolution: (none) => FIXED