SUSE has issued an advisory today (February 1): https://lists.suse.com/pipermail/sle-security-updates/2023-February/013614.html Mageia 8 is also affected.
Status comment: (none) => Patch available from upstreamWhiteboard: (none) => MGA8TOO
openSUSE reference: https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/RLXFZY2LCNARDYLW75IRAC42GRUF4DMZ/
Assigning to our tmux maintainer.
Assignee: bugsquad => cookerCC: (none) => marja11
Ubuntu has issued an advisory for this on February 6: https://ubuntu.com/security/notices/USN-5843-1
Severity: normal => major
Suggested advisory: ======================== The updated package fixes a security vulnerability: Fixed a null pointer dereference in window.c. (CVE-2022-47016) References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47016 https://lists.suse.com/pipermail/sle-security-updates/2023-February/013614.html https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/RLXFZY2LCNARDYLW75IRAC42GRUF4DMZ/ https://ubuntu.com/security/notices/USN-5843-1 ======================== Updated package in core/updates_testing: ======================== tmux-3.1c-1.1.mga8 from SRPM: tmux-3.1c-1.1.mga8.src.rpm
Whiteboard: MGA8TOO => (none)Status: NEW => ASSIGNEDCC: (none) => nicolas.salgueroVersion: Cauldron => 8Source RPM: tmux-3.3a-1.mga9.src.rpm => tmux-3.1c-1.mga8.src.rpmStatus comment: Patch available from upstream => (none)Assignee: cooker => qa-bugsCVE: (none) => CVE-2022-47016
MGA8-64 Plasma session in VirtualBox: No installation issues. Previous updates offered little help, so I sought guidance with DuckDuckGo, and found https://www.howtogeek.com/671422/how-to-use-tmux-on-linux-and-why-its-better-than-screen/ I tried several of the basic commands from the tutorial, with no issues. Giving this an OK, and validating. Advisory in comment 4.
Keywords: (none) => validated_updateWhiteboard: (none) => MGA8-64-OKCC: (none) => andrewsfarm, sysadmin-bugs
CC: (none) => davidwhodginsKeywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2023-0084.html
Status: ASSIGNED => RESOLVEDResolution: (none) => FIXED