Bug 27569 - tmux new security issue CVE-2020-27347
Summary: tmux new security issue CVE-2020-27347
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: Cauldron
Hardware: All Linux
Priority: Normal major
Target Milestone: ---
Assignee: Johnny A. Solbu
QA Contact: Sec team
URL:
Whiteboard:
Keywords: Triaged
Depends on:
Blocks:
 
Reported: 2020-11-06 00:34 CET by David Walser
Modified: 2020-12-04 00:20 CET (History)
0 users

See Also:
Source RPM: tmux-3.1b-1.mga8.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2020-11-06 00:34:40 CET 
Ubuntu has issued an advisory today (November 5):
https://ubuntu.com/security/notices/USN-4618-1
Comment 1 David Walser 2020-11-06 00:38:24 CET 
openSUSE has issued an advisory for this tomorrow (November 6):
https://lists.opensuse.org/opensuse-security-announce/2020-11/msg00022.html

The issue appears to be fixed upstream in 3.1c.
Comment 2 David Walser 2020-11-06 00:58:17 CET 
More information:
https://www.openwall.com/lists/oss-security/2020/11/05/3
Comment 3 Aurelien Oudelet 2020-11-07 10:14:55 CET 
Hi, thanks for reporting this.
Assigned to the package maintainer.

(Please set the status to 'assigned' if you are working on it)

Keywords: (none) => Triaged
Assignee: bugsquad => cooker

Comment 4 David Walser 2020-12-04 00:20:55 CET 
tmux-3.1c-1.mga8 uploaded for Cauldron.

Resolution: (none) => FIXED
Status: NEW => RESOLVED
Note You need to log in before you can comment on or make changes to this bug.