27330 – gnuplot new security issues CVE-2018-1949[0-2]

Bug 27330 - gnuplot new security issues CVE-2018-1949[0-2]

Summary: gnuplot new security issues CVE-2018-1949[0-2]

Status:	RESOLVED DUPLICATE of bug 24754

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	Security (show other bugs)
Version:	7
Hardware:	All Linux

Priority:	Normal Severity: normal
Target Milestone:	---
Assignee:	All Packagers
QA Contact:	Sec team

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2020-09-26 20:12 CEST by David Walser
Modified:	2020-11-02 16:11 CET (History)
CC List:	4 users (show)

See Also:
Source RPM:	gnuplot-5.2.2-5.mga7.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2020-09-26 20:12:02 CEST

Ubuntu has issued an advisory on September 25:
https://ubuntu.com/security/notices/USN-4541-1

I believe the issues were fixed upstream in 5.2.6.

Comment 1 Aurelien Oudelet 2020-09-26 23:31:38 CEST

Thanks reporting this.
As there is no registered packager, assigning to all.
CC'ed recent committer.

(Packagers: Please change status to "Assigned" when you are working on this.)

Assignee: bugsquad => pkg-bugs
CC: (none) => joequant, joequant, ouaurelien

Comment 2 Nicolas Salguero 2020-11-02 10:00:42 CET

Hi,

Those CVEs are already fixed in gnuplot-5.2.2-5.mga7 (see bug 24754).

Best regards,

Nico.

CC: (none) => nicolas.salguero
Status: NEW => RESOLVED
Resolution: (none) => FIXED

Comment 3 David Walser 2020-11-02 16:11:39 CET

Thanks.

*** This bug has been marked as a duplicate of bug 24754 ***

Resolution: FIXED => DUPLICATE

Note You need to log in before you can comment on or make changes to this bug.