FS#70051 - [zint] [Security] arbitrary code execution (CVE-2021-27799)

Attached to Project: Community Packages
Opened by Jonas Witschel (diabonas) - Thursday, 18 March 2021, 10:56 GMT
Last edited by Balló György (City-busz) - Sunday, 30 May 2021, 10:27 GMT
Task Type Bug Report
Category Packages
Status Closed
Assigned To Balló György (City-busz)
Levente Polyak (anthraxx)
Architecture All
Severity High
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Summary
=======

The package zint is vulnerable to arbitrary code execution via CVE-2021-27799.

Guidance
========

Applying commit 7f8c8114f31c09a986597e0ba63a49f96150368a referenced below fixes the issue.

References
==========

https://security.archlinux.org/AVG-1625
https://sourceforge.net/p/zint/tickets/218/
https://sourceforge.net/p/zint/code/ci/7f8c8114f31c09a986597e0ba63a49f96150368a/
This task depends upon

Closed by  Balló György (City-busz)
Sunday, 30 May 2021, 10:27 GMT
Reason for closing:  Fixed
Additional comments about closing:  zint 2.9.1-2

Loading...