Bug 14109

Summary:	[CVE21] perl 5.30.3 CVEs
Product:	[ROSA-based products] ROSA Fresh	Reporter:	Vladimir Potapov <v.potapov>
Component:	Preinstalled software in the ISO	Assignee:	ROSA Linux Bugs <bugs>
Status:	VERIFIED FIXED	QA Contact:	ROSA Linux Bugs <bugs>
Severity:	critical
Priority:	Highest	CC:	a.proklov, pastordidi
Version:	All	Flags:	v.potapov: qa_verified+ v.potapov: secteam_verified? a.proklov: published+
Target Milestone:	---
Hardware:	All
OS:	Linux
URL:	CVE-2021-36770,CVE-2023-31486
Whiteboard:
Platform:	---	ROSA Vulnerability identifier:
RPM Package:		ISO-related:
Bad POT generating:		Upstream:

Description Vladimir Potapov 2023-12-05 17:07:58 MSK

https://nvd.nist.gov/vuln/detail/CVE-2021-36770 Base Score: 7.8 HIGH
https://nvd.nist.gov/vuln/detail/CVE-2023-31486 Base Score: 8.1 HIGH

Comment 1 Aleksandr Proklov 2023-12-06 07:35:51 MSK

CVE-2023-31486 уже закрыто патчем
CVE-2021-36770 закрыто патчем

perl	5.30.3-22

https://abf.io/build_lists/4857960 х64
https://abf.io/build_lists/4857961
https://abf.io/build_lists/4857962
https://abf.io/build_lists/4857964

Comment 2 Dmitry Postnikov 2023-12-08 15:48:48 MSK

*****************************
Обновление отослано в Тестинг

Comment 3 Vladimir Potapov 2023-12-14 11:23:26 MSK

perl-5.30.3-22
https://abf.io/build_lists/4857960 х64
https://abf.io/build_lists/4857961
https://abf.io/build_lists/4857962
https://abf.io/build_lists/4857964
********************* Advisory *********************
CVE-2021-36770 fix
****************************************************
QA Verified