Bug 14084

Summary:	[CVE21] zip 3.0 CVEs
Product:	[ROSA-based products] ROSA Fresh	Reporter:	Vladimir Potapov <v.potapov>
Component:	Preinstalled software in the ISO	Assignee:	ROSA Linux Bugs <bugs>
Status:	VERIFIED FIXED	QA Contact:	ROSA Linux Bugs <bugs>
Severity:	blocker
Priority:	Highest	CC:	a.proklov, e.malashin
Version:	All	Flags:	v.potapov: qa_verified+ v.potapov: secteam_verified? a.proklov: published+
Target Milestone:	---
Hardware:	All
OS:	Linux
URL:	CVE-2018-13410
Whiteboard:
Platform:	---	ROSA Vulnerability identifier:
RPM Package:		ISO-related:
Bad POT generating:		Upstream:

Description Vladimir Potapov 2023-12-01 13:00:25 MSK

https://nvd.nist.gov/vuln/detail/CVE-2018-13410 Base Score: 9.8 CRITICAL

Comment 1 Aleksandr Proklov 2023-12-05 04:57:19 MSK

уязвимость закрыта патчем

zip	3.0-15

https://abf.io/build_lists/4857164
https://abf.io/build_lists/4857165 х64
https://abf.io/build_lists/4857166
https://abf.io/build_lists/4857167
https://abf.io/build_lists/4857168

Comment 2 e.malashin@rosalinux.ru 2023-12-05 11:48:18 MSK

The update sent to testings

Comment 3 Vladimir Potapov 2023-12-14 08:24:41 MSK

zip-3.0-15
https://abf.io/build_lists/4857164
https://abf.io/build_lists/4857165 х64
https://abf.io/build_lists/4857166
https://abf.io/build_lists/4857167
https://abf.io/build_lists/4857168
*********************** Advisory *******************
CVE closed by patch
****************************************************
QA Verified