FS#69118 : [gobby] [Security] denial of service (CVE-2020-35450)

FS#69118 - [gobby] [Security] denial of service (CVE-2020-35450)

Attached to Project: Community Packages
Opened by Jonas Witschel (diabonas) - Saturday, 26 December 2020, 15:02 GMT
Last edited by Konstantin Gizdov (kgizdov) - Monday, 18 January 2021, 14:12 GMT

Task Type	Bug Report
Category	Security
Status	Closed
Assigned To	Levente Polyak (anthraxx) Konstantin Gizdov (kgizdov)
Architecture	All
Severity	Medium
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	0
Private	No

Details

Summary
=======

The package gobby is vulnerable to denial of service via CVE-2020-35450.

Guidance
========

Applying the patch linked below to the latest released version 0.4.11, or packaging the current master (currently at 98b07eb99b9443dc9b6dd6eea913b5dcf8574a74) like it is done at the moment resolves the issue.

References
==========

https://security.archlinux.org/AVG-1383
https://github.com/gobby/gobby/issues/183
https://github.com/gobby/gobby/pull/184
https://github.com/gobby/gobby/commit/295e697ac83c6638bc7c6f0498534b12278192c7

This task depends upon

Closed by Konstantin Gizdov (kgizdov)
Monday, 18 January 2021, 14:12 GMT
Reason for closing: Fixed
Additional comments about closing: gobby-1:0.5.0+116+g295e697-1

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#69118 - [gobby] [Security] denial of service (CVE-2020-35450)

Details

Loading...