Fedora has issued an advisory on May 8: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/X3ZLFM2FC7WMCMUCO25Y6FRCK6ANZ75I/ The vulnerability is in libraw code which is bundled in digikam, which includes a fix in digikam 8.0.0 (already in Cauldron). We need to backport the fix to digikam in Mageia 8 and fix libraw in both.
Status comment: (none) => Patches available from upstreamWhiteboard: (none) => MGA8TOO
libraw fixed for both mga8 and cauldron!
CC: (none) => geiger.david68210
libraw_r20-0.20.2-1.2.mga8 libraw20-0.20.2-1.2.mga8 libraw-devel-0.20.2-1.2.mga8 libraw-tools-0.20.2-1.2.mga8 from libraw-0.20.2-1.2.mga8.src.rpm Update for digikam still pending.
Whiteboard: MGA8TOO => (none)Version: Cauldron => 8
Different packagers have dealt with libraw, so assigning this globally.
Assignee: bugsquad => pkg-bugs
Fedora has issued an advisory for libraw on May 10: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/UD4H4XTVC2IKVVGPNRKZPP4QUYARLVR7/
CC: (none) => mageia
Debian has issued an advisory for libraw on May 27: https://www.debian.org/security/2023/dsa-5412
Mageia 8 EOL
Status: NEW => RESOLVEDCC: (none) => nicolas.salgueroResolution: (none) => OLD