| Summary: | [CVE 21] glibc 2.33 CVEs found (2) | ||
|---|---|---|---|
| Product: | [ROSA-based products] ROSA Fresh | Reporter: | Vladimir Potapov <v.potapov> |
| Component: | System (kernel, glibc, systemd, bash, PAM...) | Assignee: | ROSA Linux Bugs <bugs> |
| Status: | VERIFIED FIXED | QA Contact: | ROSA Linux Bugs <bugs> |
| Severity: | blocker | ||
| Priority: | Highest | CC: | m.novosyolov, pastordidi |
| Version: | All | Flags: | v.potapov:
qa_verified+
v.potapov: secteam_verified? v.potapov: published+ |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Platform: | --- | ROSA Vulnerability identifier: | |
| RPM Package: | ISO-related: | ||
| Bad POT generating: | Upstream: | ||
|
Description
Vladimir Potapov
2023-11-30 13:02:00 MSK
************ QA ADVISORY *********** glibc 2.33-10.git1a2009.2 - use all backported updates, including fixes of CVEs, from https://sourceware.org/git/?p=glibc.git;a=shortlog;h=refs/heads/release/2.33/master https://abf.io/build_lists/4856091 https://abf.io/build_lists/4856092 https://abf.io/build_lists/4856093 https://abf.io/build_lists/4856095 (no e2kv4) ***************************** Обновление отослано в Тестинг Пока не публикуйте это обновление. ************ QA ADVISORY *********** glibc 2.33-10.git1a2009.3 - use all backported updates, including fixes of CVEs, from https://sourceware.org/git/?p=glibc.git;a=shortlog;h=refs/heads/release/2.33/master - fix of CVE-2023-4806 - fix of CVE2023-48-13 (lost in previous update) https://abf.io/build_lists/4885430 https://abf.io/build_lists/4885431 https://abf.io/build_lists/4885432 https://abf.io/build_lists/4885433 Исправление CVE-2023-5156 не требуется (не актуально для нашей версии, наше исправление 4806 не привносит 5156). CVE-2013-4412 не в glibc. CVE-2010-4756 не является уязвимостью, см. обсуждение в https://bugzilla.redhat.com/show_bug.cgi?id=681681 ***************************** Обновление отослано в Тестинг glibc-2.33-10.git1a2009.2 https://abf.io/build_lists/4885430 https://abf.io/build_lists/4885431 https://abf.io/build_lists/4885432 https://abf.io/build_lists/4885433 *********************** Advisory ******************** use all backported updates, including fixes of CVEs, from https://sourceware.org/git/?p=glibc.git;a=shortlog;h=refs/heads/release/2.33/master - fix of CVE-2023-4806 - fix of CVE2023-48-13 (lost in previous update) ***************************************************** QA Verified |