Fedora has issued an advisory today (February 4): https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/Y7LTXE6LGBJI6YPVECO46TEBZ24UTPBA/ The issue is fixed upstream in 2.0.14. Mageia 8 is also affected.
Whiteboard: (none) => MGA8TOOBlocks: (none) => 28536Status comment: (none) => Fixed upstream in 2.0.14
Assigning to you, Nicolas, as you did a CVE patch for this thing not so long ago, so it is not unknown to you.
Assignee: bugsquad => nicolas.salguero
Hi, That CVE is for Rust crate lru, which I did not find in 389-ds-base-1.4.0.26, so I think that CVE does not affect us. Best regards, Nico.
OK, thanks.
Status: NEW => RESOLVEDResolution: (none) => INVALID