Ubuntu has issued an advisory on August 10: https://ubuntu.com/security/notices/USN-5563-1 Mageia 8 is also affected.
Status comment: (none) => Patch available from UbuntuWhiteboard: (none) => MGA8TOO
Assigning to the registered maintainer
Assignee: bugsquad => thierry.vignaudCC: (none) => marja11
Suggested advisory: ======================== The updated packages fix a security vulnerability: http-parser could be made to expose sensitive data if it received a specially crafted request. (CVE-2020-8287) References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8287 https://ubuntu.com/security/notices/USN-5563-1 ======================== Updated packages in core/updates_testing: ======================== lib(64)http-parser2-2.9.4-1.1.mga8 lib(64)http-parser-devel-2.9.4-1.1.mga8 from SRPM: http-parser-2.9.4-1.1.mga8.src.rpm
Version: Cauldron => 8CC: (none) => nicolas.salgueroCVE: (none) => CVE-2020-8287Status: NEW => ASSIGNEDAssignee: thierry.vignaud => qa-bugsStatus comment: Patch available from Ubuntu => (none)Whiteboard: MGA8TOO => (none)
MGA8-64 MATE on Acer Aspire 5253 No installation issues Ref bug 26293 for test: Installed kwrite-handbook, opened kwrite and jumped around in the handbook, all worked OK.
Whiteboard: (none) => MGA8-64-OKCC: (none) => herman.viaene
Validating. Advisoryn in Comment 2.
CC: (none) => andrewsfarm, sysadmin-bugsKeywords: (none) => validated_update
Keywords: (none) => advisoryCC: (none) => davidwhodgins
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2022-0393.html
Resolution: (none) => FIXEDStatus: ASSIGNED => RESOLVED