You are not logged in.
- Topics: Active | Unanswered
#1 2017-02-04 00:57:25
- adamlau
- Member
- Registered: 2009-01-30
- Posts: 418
[SOLVED] libarchive: Unresolved CVE-2017-5601?
Any reason why it is not being patched for CVE-2017-5601? I have not noted any regressions with the commit patch.
Last edited by adamlau (2017-02-04 09:01:52)
Arch Linux + sway
Debian Testing + GNOME/sway
NetBSD 64-bit + Xfce
Offline
#2 2017-02-04 02:17:12
- WorMzy
- Administrator
- From: Scotland
- Registered: 2010-06-16
- Posts: 12,499
- Website
Re: [SOLVED] libarchive: Unresolved CVE-2017-5601?
I don't see the CVE listed at security.archlinux.org, nor do I see it mentioned on the arch-security mailing list, as such, I can only assume that the maintainer is not aware of this CVE, or the Arch package is not affected. Unfortunately, I am not sure what the procedure is to alert the security team in case of the former, but opening a bug report is generally a good way of alerting the package maintainer to issues.
Sakura:-
Mobo: MSI MAG X570S TORPEDO MAX // Processor: AMD Ryzen 9 5950X @4.9GHz // GFX: AMD Radeon RX 5700 XT // RAM: 32GB (4x 8GB) Corsair DDR4 (@ 3000MHz) // Storage: 1x 3TB HDD, 6x 1TB SSD, 2x 120GB SSD, 1x 275GB M2 SSD
Making lemonade from lemons since 2015.
Offline
#3 2017-02-04 04:12:59
- Scimmia
- Fellow
- Registered: 2012-09-01
- Posts: 12,214
Re: [SOLVED] libarchive: Unresolved CVE-2017-5601?
A bug report will serve as notification to the security team as well.
Offline
#4 2017-02-04 09:02:22
- adamlau
- Member
- Registered: 2009-01-30
- Posts: 418
Re: [SOLVED] libarchive: Unresolved CVE-2017-5601?
Recommendations noted. Bug report filed.
Arch Linux + sway
Debian Testing + GNOME/sway
NetBSD 64-bit + Xfce
Offline