Overview
Request 720573 accepted
- Update to version 1.4.2 for
* fix race condition in one-pass compression functions that could
allow out of bounds write (CVE-2019-11922, boo#1142941)
Leap 15.0 users of libzstd are: blosc borgbackup btrfsprogs casync fsarchiver tor .
15.1 adds libdnf libsolv zchunk .
I tested with tor that it still started fine with libzstd1-1.4.2
- Created by bmwiedemann
- In state accepted
Request History
bmwiedemann created request
- Update to version 1.4.2 for
* fix race condition in one-pass compression functions that could
allow out of bounds write (CVE-2019-11922, boo#1142941)
Leap 15.0 users of libzstd are: blosc borgbackup btrfsprogs casync fsarchiver tor .
15.1 adds libdnf libsolv zchunk .
I tested with tor that it still started fine with libzstd1-1.4.2
licensedigger accepted review
ok
factory-auto accepted review
Check script succeeded
maintbot accepted review
ok
maintbot approved review
ok
vitezslav_cizek moved maintenance target to openSUSE:Maintenance:10720
vitezslav_cizek accepted request
accepted request 720573:Thanks!
For information about the update, see https://build.opensuse.org/project/maintenance_incidents/openSUSE:Maintenance
question: will this be inherited by 15.1 or do I have to submit another SR?
You'll have to create one, unfortunately there's no update syncing between Leap codestreams. This happens only when the package is inherited from SLE.
Archiving/zstd@757cb0476da48e490b47f3a77ee4b165 -> openSUSE:Leap:15.0:Update/zstd
expected origin is 'openSUSE:Factory' (changed)
sr#720572 review by openSUSE:Factory:Staging:C ok
found pending submission against origin (openSUSE:Factory)