Fedora has issued an advisory on November 14: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/ Mageia 8 is also affected.
Whiteboard: (none) => MGA8TOO
Assigning to the registered maintainer
CC: (none) => marja11Assignee: bugsquad => ngompa13
Fixed in cauldron
CC: (none) => mageiaWhiteboard: MGA8TOO => (none)Version: Cauldron => 8
Fixed in mga8 for CVE-2021-3608[4-6] src: - libsepol-3.2-0.rc1.4.1.mga8 i don't fix CVE-2021-36087. This is a documentation fix but we don't have the .md files in our package.
Assignee: ngompa13 => qa-bugsCC: (none) => ngompa13
libsepol2-3.2-0.rc1.4.1.mga8 libsepol-devel-3.2-0.rc1.4.1.mga8 libsepol-static-devel-3.2-0.rc1.4.1.mga8 from libsepol-3.2-0.rc1.4.1.mga8.src.rpm But you missed CVE-2021-36087 indeed, which is not a documentation fix, but a code one. It's Fedora patch 0034-libsepol-cil-Check-for-statements-not-allowed-in-opt.patch and upstream commit here: https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521
Assignee: qa-bugs => mageiaWhiteboard: (none) => MGA8TOOVersion: 8 => Cauldron
this is not what i can find here: https://security-tracker.debian.org/tracker/CVE-2021-36087
ok seems an error in deb cve checker. I add your patch.
(In reply to Nicolas Lécureuil from comment #6) > ok seems an error in deb cve checker. I add your patch. Ping.
Ubuntu has issued an advisory for this on April 27: https://ubuntu.com/security/notices/USN-5391-1
Mageia 8 EOL.
Resolution: (none) => OLDCC: (none) => nicolas.salgueroWhiteboard: MGA8TOO => (none)Status: NEW => RESOLVEDVersion: Cauldron => 8