26982 – glibc new security issue CVE-2020-6096

Bug 26982 - glibc new security issue CVE-2020-6096

Summary: glibc new security issue CVE-2020-6096

Status:	RESOLVED FIXED

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	Security (show other bugs)
Version:	Cauldron
Hardware:	arm Linux

Priority:	Normal Severity: major
Target Milestone:	---
Assignee:	All Packagers
QA Contact:	Sec team

URL:
Whiteboard:
Keywords:

Depends on:	28161
Blocks:
	Show dependency tree / graph

Reported:	2020-07-21 18:46 CEST by David Walser
Modified:	2021-01-20 00:29 CET (History)
CC List:	1 user (show)

See Also:
Source RPM:	glibc-2.31-12.mga8.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2020-07-21 18:46:07 CEST

Fedora has issued an advisory on July 19:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/

Updating to the latest fixes from 2.31 branch should fix it.

It looks like it only affects ARM.

Comment 1 Lewis Smith 2020-07-21 20:44:59 CEST

Having to

Assignee: bugsquad => pkg-bugs

Comment 2 Lewis Smith 2020-07-21 20:46:56 CEST

Having to assign this globally in the absence of the usual maintainer.

Comment 3 Nicolas Lécureuil 2020-12-27 16:24:28 CET

looked and the commits are in cauldron
cf: https://security-tracker.debian.org/tracker/CVE-2020-6096

Resolution: (none) => FIXED
CC: (none) => mageia
Status: NEW => RESOLVED

Comment 4 Thomas Backlund 2021-01-19 17:44:08 CET

This was not fixed in mga7, will add fixes as part of bug 28161

David Walser 2021-01-20 00:29:35 CET

Depends on: (none) => 28161

Note You need to log in before you can comment on or make changes to this bug.