FS#70050 - [riscv32-elf-newlib] [Security] arbitrary code execution (CVE-2021-3420)
Attached to Project:
Community Packages
Opened by Jonas Witschel (diabonas) - Thursday, 18 March 2021, 10:54 GMT
Last edited by Buggy McBugFace (bugbot) - Saturday, 25 November 2023, 20:07 GMT
Opened by Jonas Witschel (diabonas) - Thursday, 18 March 2021, 10:54 GMT
Last edited by Buggy McBugFace (bugbot) - Saturday, 25 November 2023, 20:07 GMT
|
Details
Summary
======= The package riscv32-elf-newlib is vulnerable to arbitrary code execution via CVE-2021-3420. Guidance ======== Updating riscv32-elf-newlib to the latest version 4.1.0 (or applying the patch referenced below) fixes the issue. References ========== https://security.archlinux.org/AVG-1628 https://bugzilla.redhat.com/show_bug.cgi?id=1934088 https://sourceware.org/git/?p=newlib-cygwin.git;a=commitdiff;h=aa106b29a6a8a1b0df9e334704292cbc32f2d44e |
This task depends upon
Closed by Buggy McBugFace (bugbot)
Saturday, 25 November 2023, 20:07 GMT
Reason for closing: Moved
Additional comments about closing: https://gitlab.archlinux.org/archlinux/p ackaging/packages/riscv32-elf-newlib/iss ues/2
Saturday, 25 November 2023, 20:07 GMT
Reason for closing: Moved
Additional comments about closing: https://gitlab.archlinux.org/archlinux/p ackaging/packages/riscv32-elf-newlib/iss ues/2
Comment by
Buggy McBugFace (bugbot) - Tuesday,
08 August 2023, 19:11 GMT
This is an automated comment as this bug is open for more then 2
years. Please reply if you still experience this bug otherwise
this issue will be closed after 1 month.