someboday already did that without touching the bug report:
** Changed in: libzstd (Ubuntu Xenial)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1755310
Title:
Ack from the Ubuntu Security team for moving libztsd into main in
xenial.
(There is a third CVE believed to be affecting libzstd/xenial as well,
CVE-2019-11922)
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-11922
--
You received this bug notification because you are a
Dpkg in xenial-proposed now depends on libzstd, but it has open CVEs:
https://ubuntu.com/security/cve?q==libzstd
As I understand dpkg is not affected because it does not use the zstd
command and does not implement compression.
To not introduce CVE-2021-24031 and CVE-2021-24032 the zstd binary
** Also affects: libzstd (Ubuntu Xenial)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1755310
Title:
MIR libzstd
To manage notifications about this bug
that looks ok
Override component to main
libzstd 1.3.3+dfsg-2ubuntu1 in bionic: universe/misc -> main
libzstd-dev 1.3.3+dfsg-2ubuntu1 in bionic amd64:
universe/libdevel/optional/100% -> main
libzstd-dev 1.3.3+dfsg-2ubuntu1 in bionic arm64:
universe/libdevel/optional/100% -> main
libzstd-dev
foundations-bugs subscribed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1755310
Title:
MIR libzstd
To manage notifications about this bug go to:
