Groups | Search | Server Info | Keyboard shortcuts | Login | Register

Groups > gnu.utils.bug > #2235

Re: Vulnerability Report on Sharutils 4.15.2

Path csiph.com!weretis.net!feeder6.news.weretis.net!nntp.club.cc.cmu.edu!micro-heart-of-gold.mit.edu!bloom-beacon.mit.edu!bloom-beacon.mit.edu!171.64.64.130.MISMATCH!usenet.stanford.edu!not-for-mail
From Salvatore Bonaccorso <carnil@debian.org>
Newsgroups gnu.utils.bug
Subject Re: Vulnerability Report on Sharutils 4.15.2
Date Mon, 26 Mar 2018 22:34:45 GMT
Lines 13
Approved bug-gnu-utils@gnu.org
Message-ID <mailman.11280.1522103694.27995.bug-gnu-utils@gnu.org> (permalink)
References <47a93dc0-b0f9-9dc7-593e-ce7f96f56e19@gmail.com> <20180325175147.GA13587@eldamar.local> <CAFkjv+vMm9SB+U04_97D+To9DUaOBS2O6uLBxM1=PsPYGdn8qg@mail.gmail.com>
NNTP-Posting-Host lists.gnu.org
Mime-Version 1.0
Content-Type text/plain; charset=us-ascii
X-Trace usenet.stanford.edu 1522103694 5910 208.118.235.17 (26 Mar 2018 22:34:54 GMT)
X-Complaints-To action@cs.stanford.edu
Cc bug-gnu-utils@gnu.org
To Mohd Hanafie <nafiez.skins@gmail.com>
Envelope-to bug-gnu-utils@gnu.org
X-Envelope-From karl@freefriends.org
X-Envelope-To <bug-gnu-utils@gnu.org>
Resent-Date Mon, 26 Mar 2018 22:34:45 GMT
Resent-From Karl Berry <karl@freefriends.org>
Resent-Message-Id <201803262234.w2QMYjmh030973@freefriends.org>
X-Authentication-Warning frenzy.freefriends.org: nobody set sender to karl@freefriends.org using -f
Resent-To bug-gnu-utils@gnu.org
Content-Disposition inline
In-Reply-To <CAFkjv+vMm9SB+U04_97D+To9DUaOBS2O6uLBxM1=PsPYGdn8qg@mail.gmail.com>
X-Google-DKIM-Signature v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:date:from:to:cc:subject:message-id :references:mime-version:content-disposition:in-reply-to:user-agent; bh=+E85CUVx1u4abTSf5MpJZ4us9UCsH4perlKAuwpoW58=; b=VKYIKEr/PgOxBiUzxIwZBV59WCG141CFPZ/e2Q7OJM2VkMzKScQ3Mh9OuB81GGPZY2 XDm4C9sO2VX0DcTGzgYav8On3mJgUZPitgJnSvZ53cGtlCO1XIRtdgQVD8ThrHFJ0gGl llm5dPlG6tTzMssNVSEPok/RC8PBoDfrBTi5Zezk14FhA//uJx/P15kZyVwy+x+jaoAN 9q5oDQOsVqO3alWX8GvMFHY+x2bo1lYdX0nKxrR2o8k2VTY+wldX3+yycWNreh0SHSuh xunOMxTg3/Htj9Xzeehcq7NrQGrKO21lS+eF5krOkJSRYUPNu2/kenIIA64JpfPCXfmZ Td2A==
X-Gm-Message-State AElRT7E8btC/W9jvcuz3T+qPDNNUq2LfiFaWiAmD/kiyUdTI6uHwofyU OgIKL0iLTyyQc51wFs0zCL8M3GZF
X-Google-Smtp-Source AG47ELv6ouHsv2UsKRjJ0kLEBPLVVDm7asabcXeiMLIg+2p/id1xZkrwq6ajuNBZGm4UDgplCprHAQ==
X-Received by 10.223.184.188 with SMTP id i57mr29388352wrf.105.1522039579966; Sun, 25 Mar 2018 21:46:19 -0700 (PDT)
X-detected-operating-system by eggs.gnu.org: Genre and OS details not recognized.
X-detected-operating-system by eggs.gnu.org: GNU/Linux 3.x [fuzzy]
X-Received-From 96.88.95.60
X-BeenThere bug-gnu-utils@gnu.org
X-Mailman-Version 2.1.21
Precedence list
List-Id Bug reports for the GNU utilities <bug-gnu-utils.gnu.org>
List-Unsubscribe <https://lists.gnu.org/mailman/options/bug-gnu-utils>, <mailto:bug-gnu-utils-request@gnu.org?subject=unsubscribe>
List-Archive <http://lists.gnu.org/archive/html/bug-gnu-utils/>
List-Post <mailto:bug-gnu-utils@gnu.org>
List-Help <mailto:bug-gnu-utils-request@gnu.org?subject=help>
List-Subscribe <https://lists.gnu.org/mailman/listinfo/bug-gnu-utils>, <mailto:bug-gnu-utils-request@gnu.org?subject=subscribe>
Xref csiph.com gnu.utils.bug:2235

Show key headers only | View raw

Hi,

On Sun, Mar 25, 2018 at 11:17:45PM +0000, Mohd Hanafie wrote:
> Hi,
> 
> Issue has been resolved and CVE has been assigned, CVE-2018-1000097.

This is confusing. CVE-2018-1000097 seems to be assigned specifically
for http://seclists.org/bugtraq/2018/Feb/54 which was reported as
http://lists.gnu.org/archive/html/bug-gnu-utils/2018-02/msg00004.html
. Petr Pisar proposed a fix in
https://lists.gnu.org/archive/html/bug-gnu-utils/2018-02/msg00005.html

Back to gnu.utils.bug | Previous | Next | Find similar

Thread

Re: Vulnerability Report on Sharutils 4.15.2 Salvatore Bonaccorso <carnil@debian.org> - 2018-03-26 22:34 +0000

csiph-web