emacs-bug-tracker
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#56520: closed (Security vulnerabilities at coreutils version for Cen

From: GNU bug Tracking System
Subject: bug#56520: closed (Security vulnerabilities at coreutils version for CentOS 7.9)
Date: Tue, 12 Jul 2022 15:46:02 +0000 
Your message dated Tue, 12 Jul 2022 08:45:04 -0700
with message-id <d45ddac4-6d4f-6c11-2e87-74583fcd9518@cs.ucla.edu>
and subject line Re: bug#56520: Security vulnerabilities at coreutils version 
for CentOS 7.9
has caused the debbugs.gnu.org bug report #56520,
regarding Security vulnerabilities at coreutils version for CentOS 7.9
to be marked as done.

(If you believe you have received this mail in error, please contact
help-debbugs@gnu.org.)


-- 
56520: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=56520
GNU Bug Tracking System
Contact help-debbugs@gnu.org with problems
--- Begin Message --- Subject: Security vulnerabilities at coreutils version for CentOS 7.9 Date: Tue, 12 Jul 2022 12:43:01 +0000

Hello,

 

My name is Meirav Rath, I'm a software developer and security champion at Imperva.

As part of our effort to map security risks in our products I've been scanning our 3rd party rpms for vulnerabilities. It looks like coreutils available rpm for CentOS 7.9 (8.22) has the vulnerability CVE-2017-18018.

 

When can we expect an updated RPM of a more advanced version with fixes for this issues, aimed for CentOS7.9?

 

Thanks.

 

 

 

 

Meirav Rath | SW Engineer & DB Researcher | Data Control team

meirav.rath@imperva.com | o: +972 3-684-1665 | m: +972 54-593-1551

imperva.com | facebook | linkedin | twitter

 

-------------------------------------------
This message is confidential. If you believe you received this message in error, please inform the sender and delete this message and all attachments.

--- End Message ---
--- Begin Message --- Subject: Re: bug#56520: Security vulnerabilities at coreutils version for CentOS 7.9 Date: Tue, 12 Jul 2022 08:45:04 -0700 User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.9.1 
On 7/12/22 05:43, Meirav Rath via GNU coreutils Bug Reports wrote:

It looks like coreutils available rpm for CentOS 7.9 (8.22) has the vulnerability 
CVE-2017-18018<https://nvd.nist.gov/vuln/detail/CVE-2017-18018>.

When can we expect an updated RPM of a more advanced version with fixes for 
this issues, aimed for CentOS7.9?
CentOS is downstream from the Coreutils project, so I suggest asking the CentOS maintainers instead of this mailing list.

--- End Message ---
reply via email to
[Prev in Thread] Current Thread [Next in Thread]