A security issue in pesign has been announced on January 31: https://www.openwall.com/lists/oss-security/2023/01/31/6 A patch to fix the issue is attached to the message above. Mageia 8 is also affected.
Whiteboard: (none) => MGA8TOOStatus comment: (none) => Patch available
Assigning to our registered pesign maintainer.
CC: (none) => marja11Assignee: bugsquad => olav
Fedora has issued an advisory for this today (February 9): https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/XGKNCR23AN2GDBGUC6KWRD3EKZIOJHYY/ The issue is fixed upstream in 116.
Severity: normal => criticalStatus comment: Patch available => Fixed upstream in 116
RedHat has issued an advisory for this on March 6: https://access.redhat.com/errata/RHSA-2023:1067
Release 116 is built in cauldron.
CC: (none) => yves.brungard_mageia
Now updated in cauldron
Version: Cauldron => 8Whiteboard: MGA8TOO => (none)Source RPM: pesign-115-2.mga9.src.rpm => pesign-112-9.mga8.src.rpm
Mageia 8 EOL
CC: (none) => nicolas.salgueroStatus: NEW => RESOLVEDResolution: (none) => OLD