Update to my comment, issue is applicable to versions prior to 1.32 of
TAR. Be that as it may, Jammy is not affected.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to tar in Ubuntu.
https://bugs.launchpad.net/bugs/1810241
This issue is shown as Open on Jammy. The CVE is applicable to 1.32 and
prior versions of TAR. Jammy uses 1.34, so this status should be not
affected or closed. This was fixed in Focal in
1.30+dfsg-7ubuntu0.20.04.1. Please update the CVE status on Jammy.
--
You received this bug notification
typo in my comment, recommendation is to build tiff with libjbig
disabled... sorry..
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to tiff in Ubuntu.
https://bugs.launchpad.net/bugs/1971001
Title:
Multiple vulnerabilities
Can Ubuntu address CVE-2022-1210 similar to other Linux Distros (RHEL,
SUSE, YOCTO,...) with not building tiff with JBIG disabled since the bug
is really in libjbig (build with --disable-jbig) . See Fedora Bug
Tracker https://bugzilla.redhat.com/show_bug.cgi?id=2072615
** Bug watch added: Red
What is the status of this CVE with Ubuntu Jammy? This was fixed in the
upstream in January/February 2022,
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99935#c11
** Bug watch added: GCC Bugzilla #99935
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99935
--
You received this bug notification
5 matches
Mail list logo