Dear R-core, I just received notification of CVE-2024-27322 [1] in RedHat's Bugzilla. We updated R to v4.4.0 in Fedora rawhide, F40, EPEL9 and EPEL8, so no problem there. However, F38 and F39 will stay at v4.3.3, and I was wondering if there's a specific patch available, or if you could point me to the commits that fixed the issue, so that we can cherry-pick them for F38 and F39. Thanks.
[1] https://nvd.nist.gov/vuln/detail/CVE-2024-27322 Best, -- Iñaki Úcar [[alternative HTML version deleted]] ______________________________________________ R-devel@r-project.org mailing list https://stat.ethz.ch/mailman/listinfo/r-devel