| Summary: | [CVE21] flex 2.6.4 CVEs | ||
|---|---|---|---|
| Product: | [ROSA-based products] ROSA Fresh | Reporter: | Vladimir Potapov <v.potapov> |
| Component: | Packages from Main | Assignee: | ROSA Linux Bugs <bugs> |
| Status: | RESOLVED WONTFIX | QA Contact: | ROSA Linux Bugs <bugs> |
| Severity: | blocker | ||
| Priority: | Highest | CC: | a.proklov |
| Version: | All | Flags: | v.potapov:
secteam_verified?
|
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Platform: | --- | ROSA Vulnerability identifier: | |
| RPM Package: | ISO-related: | ||
| Bad POT generating: | Upstream: | ||
|
Description
Vladimir Potapov
2023-11-29 18:29:50 MSK
https://github.com/woodsts/buildroot/commit/120d1241d8301089ed05f865f03b4915c843e936 патчей нет и не будет, и вобще нет эксплоита. https://security-tracker.debian.org/tracker/CVE-2019-6293 Negligible security impact |