Bug 14071

Summary: [CVE21]gnuplot 5.4.0 CVEs
Product: [ROSA-based products] ROSA Fresh Reporter: Vladimir Potapov <v.potapov>
Component: Packages from MainAssignee: ROSA Linux Bugs <bugs>
Status: VERIFIED FIXED QA Contact: ROSA Linux Bugs <bugs>
Severity: blocker    
Priority: Highest CC: a.proklov, pastordidi
Version: AllFlags: v.potapov: qa_verified+
v.potapov: secteam_verified?
a.proklov: published+
Target Milestone: ---   
Hardware: All   
OS: Linux   
URL: CVE-2020-25412
Whiteboard:
Platform: --- ROSA Vulnerability identifier:
RPM Package: ISO-related:
Bad POT generating: Upstream:

Description Vladimir Potapov 2023-11-30 16:20:28 MSK 
https://nvd.nist.gov/vuln/detail/CVE-2020-25412 Base Score: 9.8 CRITICAL
Comment 1 Aleksandr Proklov 2023-12-01 05:26:09 MSK 
закрыто в 2020 году для версии 5.4 https://sourceforge.net/p/gnuplot/bugs/2303/
Уязвимость закрыта обновлением версии

gnuplot	5.4.10-1

https://abf.io/build_lists/4849728
https://abf.io/build_lists/4849729 х64
https://abf.io/build_lists/4849730
https://abf.io/build_lists/4849731
https://abf.io/build_lists/4849732
Comment 2 Dmitry Postnikov 2023-12-04 20:49:13 MSK 
*****************************
Обновление отослано в Тестинг
Comment 3 Vladimir Potapov 2023-12-13 18:05:12 MSK 
gnuplot-5.4.10-1
https://abf.io/build_lists/4849728
https://abf.io/build_lists/4849729 х64
https://abf.io/build_lists/4849730
https://abf.io/build_lists/4849731
https://abf.io/build_lists/4849732
*************************** Advisory ***************************
CVE fix by version update
****************************************************************
QA Verified