Bug 14133

Summary: [CVE 21] zchunk 1.2.2 CVE
Product: [ROSA-based products] ROSA Fresh Reporter: Vladimir Potapov <v.potapov>
Component: Preinstalled software in the ISOAssignee: ROSA Linux Bugs <bugs>
Status: VERIFIED FIXED QA Contact: ROSA Linux Bugs <bugs>
Severity: critical    
Priority: Highest CC: e.malashin, i.gaptrakhmanov
Version: AllFlags: v.potapov: qa_verified+
v.potapov: secteam_verified?
v.potapov: published+
Target Milestone: ---   
Hardware: All   
OS: Linux   
URL: CVE-2023-46228
Whiteboard:
Platform: --- ROSA Vulnerability identifier:
RPM Package: ISO-related:
Bad POT generating: Upstream:

Description Vladimir Potapov 2023-12-08 13:01:17 MSK 
https://nvd.nist.gov/vuln/detail/CVE-2023-46228 HIGH
Comment 2 e.malashin@rosalinux.ru 2023-12-18 18:03:22 MSK 
The update sent to testings
Comment 3 Vladimir Potapov 2023-12-19 12:46:55 MSK 
zchunk-1.2.2-2
https://abf.rosalinux.ru/build_lists/4884782 i686
https://abf.rosalinux.ru/build_lists/4884783 x86_64
https://abf.rosalinux.ru/build_lists/4890394 aarch64
https://abf.rosalinux.ru/build_lists/4884785 riscv64
https://abf.rosalinux.ru/build_lists/4884786 e2kv4
**************************** Advisory **********************
CVE closed by a patch
************************************************************
QA Verified
Comment 4 Vladimir Potapov 2024-01-12 17:22:20 MSK 
не собран для 21.15
Comment 6 Vladimir Potapov 2024-01-13 10:09:48 MSK 
(In reply to ilfat from comment #5)
> zchunk 1.2.2-2
> 
> # rosa2021.15
> https://abf.rosalinux.ru/build_lists/4954633 i686
> https://abf.rosalinux.ru/build_lists/4954634 x86_64
> https://abf.rosalinux.ru/build_lists/4954635 aarch64
> https://abf.rosalinux.ru/build_lists/4954636 e2kv4
Опубликовано!