You are not logged in.

#1 2017-02-04 00:57:25

adamlau
Member
Registered: 2009-01-30
Posts: 404

[SOLVED] libarchive: Unresolved CVE-2017-5601?

Any reason why it is not being patched for CVE-2017-5601? I have not noted any regressions with the commit patch.

Last edited by adamlau (2017-02-04 09:01:52)


NetBSD 64-bit + Xfce
Arch Linux / spectrwm

Offline

#2 2017-02-04 02:17:12

WorMzy
Forum Moderator
From: Scotland
Registered: 2010-06-16
Posts: 6,891
Website

Re: [SOLVED] libarchive: Unresolved CVE-2017-5601?

I don't see the CVE listed at security.archlinux.org, nor do I see it mentioned on the arch-security mailing list, as such, I can only assume that the maintainer is not aware of this CVE, or the Arch package is not affected. Unfortunately, I am not sure what the procedure is to alert the security team in case of the former, but opening a bug report is generally a good way of alerting the package maintainer to issues.


Sakura:-
Mobo: ASUS P8Z77-V PRO // Processor: Intel Core i7-3770K 3.4GHz // GFX: nVidia GeForce GTX 970 Ti // RAM: 32GB (4x 8GB) Corsair DDR3 (@ 2133MHz) // Storage: 1x 3TB Seagate SATAII 5x 1TB Samsung SATAII, 2x 120GB Corsair SSD

Making lemonade from lemons since 2015.

Offline

#3 2017-02-04 04:12:59

Scimmia
Bug Wrangler
Registered: 2012-09-01
Posts: 5,973

Re: [SOLVED] libarchive: Unresolved CVE-2017-5601?

A bug report will serve as notification to the security team as well.

Offline

#4 2017-02-04 09:02:22

adamlau
Member
Registered: 2009-01-30
Posts: 404

Re: [SOLVED] libarchive: Unresolved CVE-2017-5601?

Recommendations noted. Bug report filed.


NetBSD 64-bit + Xfce
Arch Linux / spectrwm

Offline

Board footer

Powered by FluxBB