Bug 1967397 (CVE-2021-3578)
| Summary: | CVE-2021-3578 isync: unchecked pointer cast may lead to remote code execution | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Marian Rehak <mrehak> | ||||||
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> | ||||||
| Status: | CLOSED UPSTREAM | QA Contact: | |||||||
| Severity: | medium | Docs Contact: | |||||||
| Priority: | medium | ||||||||
| Version: | unspecified | CC: | lkundrak, mail, security-response-team | ||||||
| Target Milestone: | --- | Keywords: | Security | ||||||
| Target Release: | --- | ||||||||
| Hardware: | All | ||||||||
| OS: | Linux | ||||||||
| Whiteboard: | |||||||||
| Fixed In Version: | isync 1.3.6, isync 1.4.2 | Doc Type: | If docs needed, set a value | ||||||
| Doc Text: | Story Points: | --- | |||||||
| Clone Of: | Environment: | ||||||||
| Last Closed: | 2021-06-07 21:04:02 UTC | Type: | --- | ||||||
| Regression: | --- | Mount Type: | --- | ||||||
| Documentation: | --- | CRM: | |||||||
| Verified Versions: | Category: | --- | |||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||
| Embargoed: | |||||||||
| Bug Depends On: | 1968626, 1968627 | ||||||||
| Bug Blocks: | 1967404 | ||||||||
| Attachments: |
|
||||||||
|
Description
Marian Rehak
2021-06-03 06:01:30 UTC
Created attachment 1788788 [details]
fix for isync 1.3
Created attachment 1788789 [details]
fix isync 1.4
References: https://sourceforge.net/projects/isync/files/isync/1.3.6/ https://sourceforge.net/projects/isync/files/isync/1.4.2/ Created isync tracking bugs for this issue: Affects: epel-all [bug 1968627] Affects: fedora-all [bug 1968626] This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products. |