Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#57643 - [libfreexl] Multiple CVEs
Attached to Project:
Community Packages
Opened by Karol Babioch (kbabioch) - Monday, 26 February 2018, 08:59 GMT
Last edited by Doug Newgard (Scimmia) - Tuesday, 13 March 2018, 22:50 GMT
Opened by Karol Babioch (kbabioch) - Monday, 26 February 2018, 08:59 GMT
Last edited by Doug Newgard (Scimmia) - Tuesday, 13 March 2018, 22:50 GMT
|
DetailsCurrent version of libfreexl is vulnerable to the following CVEs:
CVE-2018-7435 CVE-2018-7436 CVE-2018-7437 CVE-2018-7438 CVE-2018-7439 All fixed in version 1.0.5 (available upstream). |
This task depends upon
Closed by Doug Newgard (Scimmia)
Tuesday, 13 March 2018, 22:50 GMT
Reason for closing: Fixed
Additional comments about closing: libfreexl 1.0.5-1
Tuesday, 13 March 2018, 22:50 GMT
Reason for closing: Fixed
Additional comments about closing: libfreexl 1.0.5-1