FEDORA-2018-078b082cbe created by tomh 2 years ago for Fedora 28
stable

Add patch for CVE-2018-10733

How to install

sudo dnf upgrade --advisory=FEDORA-2018-078b082cbe

This update has been submitted for testing by tomh.

2 years ago

This update has been pushed to testing.

2 years ago
User Icon besser82 commented & provided feedback 2 years ago
karma

Works great! LGTM! =)

User Icon cserpentis commented & provided feedback 2 years ago
karma

works for me

Dear tomh,

thanks for the update. Can You confirm, that both CVE-2018-10733 (as mentioned in bug and changelog) and CVE-2018-10767 (as mentioned here) are fixed with this update?

Cheers

User Icon pwalter commented & provided feedback 2 years ago
karma

Works

This update has been submitted for batched by bodhi.

2 years ago

If it fixed both I would list them both. As far as I know there is no patch for the second one yet, or at least there wasn't when I built this. Well strictly speaking I had just finished building it when the second one came in but as there was no patch for it I pushed this out without waiting.

Sure, thanks for the clarification. The hint 'Add patch for CVE-2018-10767' in the update-details of FEDORA-2018-078b082cbe and FEDORA-2018-46f3f13c68 confused me.

Ah sorry didn't realise I had mixed up the numbers - will fix that.

tomh edited this update.

2 years ago

no harm done .) cheers!

This update has been submitted for stable by bodhi.

2 years ago

This update has been pushed to stable.

2 years ago

Please login to add feedback.

Metadata
Type
security
Severity
low
Karma
3
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Dates
submitted
2 years ago
in testing
2 years ago
in stable
2 years ago
modified
2 years ago
BZ#1576112 CVE-2018-10733 libgxps: heap based buffer over read in ft_font_face_hash function of gxps-fonts.c [fedora-all]
0
0

Automated Test Results