Bug 14121

Summary: [CVE21]libplist CVEs
Product: [ROSA-based products] ROSA Fresh Reporter: Vladimir Potapov <v.potapov>
Component: Packages from MainAssignee: ROSA Linux Bugs <bugs>
Status: RESOLVED INVALID QA Contact: ROSA Linux Bugs <bugs>
Severity: critical    
Priority: Highest CC: a.proklov
Version: AllFlags: v.potapov: secteam_verified?
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Platform: --- ROSA Vulnerability identifier:
RPM Package: ISO-related:
Bad POT generating: Upstream:

Description Vladimir Potapov 2023-12-06 15:20:53 MSK 
https://nvd.nist.gov/vuln/detail/CVE-2017-5835 Base Score: 7.5 HIGH
https://nvd.nist.gov/vuln/detail/CVE-2017-5834 Base Score: 5.5 MEDIUM
https://nvd.nist.gov/vuln/detail/CVE-2017-5836 Base Score: 7.5 HIGH
Comment 1 Vladimir Potapov 2023-12-06 16:24:27 MSK 
исправлено в версии 2.2, в базе ошибочно посчитано, что не исправлено
https://launchpad.net/debian/+source/libplist/+changelog
Comment 2 Aleksandr Proklov 2023-12-08 05:26:07 MSK 
Так и будет открытым баг висеть?