Fedora has issued an advisory on December 18: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/R5EYTPKHVFSDCETBJI7LBZE4EYHBPN2Q/ The issue is fixed upstream in 6.17. Mageia 8 is also affected.
Status comment: (none) => Fixed upstream in 6.17Whiteboard: (none) => MGA8TOO
No one packager in sight for this, so assignong the update globally.
Assignee: bugsquad => pkg-bugs
Fedora has issued an advisory on January 12: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/MWRPBXRQXUJY4S564TKU44KGGKG3COW5/ Mageia 8 is also affected.
Status comment: Fixed upstream in 6.17 => Fixed upstream in 6.17 plus patch from Fedora
Fedora has issued an advisory on January 30: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/3S26TLPLVFAJTUN3VIXFDEBEXDYO22CE/ The issue is fixed upstream in 6.19. Mageia 8 is also affected.
Summary: pgadmin4 new security issue CVE-2022-4223 => pgadmin4 new security issues CVE-2021-35065, CVE-2022-4223, and CVE-2022-46175Status comment: Fixed upstream in 6.17 plus patch from Fedora => Fixed upstream in 6.19 plus patch from Fedora
Fedora has issued an advisory today (February 2): https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/VHY2B25YHIIFQ3G44TR7NNEST7FJGJPH/ Two other issues were also fixed upstream in 6.19.
Summary: pgadmin4 new security issues CVE-2021-35065, CVE-2022-4223, and CVE-2022-46175 => pgadmin4 new security issues CVE-2021-35065, CVE-2022-4223, CVE-2022-46175, CVE-2023-0241, CVE-2023-22298
(In reply to David Walser from comment #4) > Fedora has issued an advisory today (February 2): > https://lists.fedoraproject.org/archives/list/package-announce@lists. > fedoraproject.org/thread/VHY2B25YHIIFQ3G44TR7NNEST7FJGJPH/ > > Two other issues were also fixed upstream in 6.19. SUSE has issued an advisory for one of those issues on April 3: https://lists.suse.com/pipermail/sle-security-updates/2023-April/014347.html
(In reply to David Walser from comment #5) > (In reply to David Walser from comment #4) > > Fedora has issued an advisory today (February 2): > > https://lists.fedoraproject.org/archives/list/package-announce@lists. > > fedoraproject.org/thread/VHY2B25YHIIFQ3G44TR7NNEST7FJGJPH/ > > > > Two other issues were also fixed upstream in 6.19. > > SUSE has issued an advisory for one of those issues on April 3: > https://lists.suse.com/pipermail/sle-security-updates/2023-April/014347.html and for the other one today, April 18: https://lists.suse.com/pipermail/sle-security-updates/2023-April/014480.html
I have removed the package from cauldron.
Whiteboard: MGA8TOO => (none)Source RPM: pgadmin4-4.30-2.mga9.src.rpm => pgadmin4-4.22-3.mga8.src.rpmCC: (none) => yves.brungard_mageiaVersion: Cauldron => 8
Mageia 8 EOL
CC: (none) => nicolas.salgueroStatus: NEW => RESOLVEDResolution: (none) => OLD