Bug 26066 - virglrenderer new security issues CVE-2019-1838[89] and CVE-2019-1839[01]
Summary: virglrenderer new security issues CVE-2019-1838[89] and CVE-2019-1839[01]
Status: RESOLVED OLD
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 7
Hardware: All Linux
Priority: Normal major
Target Milestone: ---
Assignee: Nicolas Lécureuil
QA Contact: Sec team
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2020-01-13 23:33 CET by David Walser
Modified: 2021-07-01 18:21 CEST (History)
1 user (show)

See Also:
Source RPM: virglrenderer-0.7.0-1.20190424gitd1758cc09.mga7.src.rpm
CVE:
Status comment: Update failed to build

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2020-01-13 23:33:48 CET 
SUSE has issued an advisory on January 7:
http://lists.suse.com/pipermail/sle-security-updates/2020-January/006300.html

I believe the snapshot we have in Cauldron should contain the fixes.
David Walser 2020-01-14 17:49:14 CET

Status comment: (none) => Fixes available in upstream git

Comment 1 David Walser 2020-01-16 23:51:59 CET 
openSUSE has issued an advisory for this on January 15:
https://lists.opensuse.org/opensuse-updates/2020-01/msg00060.html
Nicolas Lécureuil 2020-05-24 16:35:41 CEST

Assignee: qa-bugs => mageia

Comment 3 Nicolas Lécureuil 2021-03-12 15:15:26 CET 
pushed in mga7

src:
    - virglrenderer-0.7.0-1.20190424gitd1758cc09.1.mga7

Status comment: Fixes available in upstream git => (none)
Assignee: mageia => qa-bugs

David Walser 2021-03-12 20:32:56 CET

Assignee: qa-bugs => mageia
Status comment: (none) => Update failed to build

Comment 4 David Walser 2021-07-01 18:21:24 CEST 
https://blog.mageia.org/en/2021/06/08/mageia-7-will-reach-end-of-support-on-30th-of-june-the-king-is-dead-long-live-the-king/

Status: NEW => RESOLVED
Resolution: (none) => OLD
Note You need to log in before you can comment on or make changes to this bug.