Bug 436546 (CVE-2008-1474)
Summary: | CVE-2008-1474 Roundup 1.4.4 contains security fixes | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Lubomir Kundrak <lkundrak> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | high | Docs Contact: | |
Priority: | high | ||
Version: | unspecified | CC: | i |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2008-04-23 06:15:19 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 436547, 436548, 436549 | ||
Bug Blocks: |
Description
Lubomir Kundrak
2008-03-07 20:25:24 UTC
CVE names requested Thank you for bringing this into my attention. I am putting together 1.4.4 rpm now. This is my first security update; shall I wait for CVE names to include them into the %changelog or I can just go ahead and build everything now? Thanks. Paul feel free to build the packages even without the CVE names. Refer to this bug report in changelog. Thanks! I've done a builds. If/when you'll have CVE numbers you can create the updates. Or I can do it if you say so. Please create the updates. Thanks! roundup-1.4.4-1.fc7 has been submitted as an update for Fedora 7 roundup-1.4.4-1.fc8 has been submitted as an update for Fedora 8 roundup-1.4.4-1.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report. roundup-1.4.4-1.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report. This issue was addressed in: Fedora: https://admin.fedoraproject.org/updates/F7/FEDORA-2008-2370 https://admin.fedoraproject.org/updates/F8/FEDORA-2008-2471 CVE-2008-1474: Multiple unspecified vulnerabilities in Roundup before 1.4.4 have unknown impact and attack vectors, some of which may be related to cross-site scripting (XSS). |