Fedora has issued an advisory on May 12: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/XPYTEBBNHCDGPVFACC5RC5K2FZUCYTPZ/ Mageia 8 is also affected.
Status comment: (none) => Patch available from Fedora and upstreamWhiteboard: (none) => MGA8TOO
Assigning to the registered sdl2_ttf maintainer
Assignee: bugsquad => rverscheldeCC: (none) => marja11
Hi, For Cauldron, sdl2_ttf-2.20.2-1.mga9 should solve that issue. According to https://security-tracker.debian.org/tracker/CVE-2022-27470, Mageia 8 should not be affected by that issue. Best regards, Nico.
CC: (none) => nicolas.salguero
From what I'm seeing, Mageia 8 is affected.
Whiteboard: MGA8TOO => (none)Version: Cauldron => 8
From https://security-tracker.debian.org/tracker/CVE-2022-27470 Debian says it was introduced in commit: https://github.com/libsdl-org/SDL_ttf/commit/31589bd7316d946d2eb122afaed68bc9b9b0fceb So this issue committed on 2019-01-31 appears after our current 2.0.15 released on 2019-01-05: https://github.com/libsdl-org/SDL_ttf/releases/tag/release-2.0.15
CC: (none) => geiger.david68210
OK. Thanks.
Version: 8 => CauldronStatus: NEW => RESOLVEDResolution: (none) => FIXED