Bug#929042: singularity-container: CVE-2019-11328)
On Thu, May 16, 2019 at 12:59:55PM -0400, Afif Elghraoui wrote:
> On May 15, 2019 5:13:24 PM EDT, Salvatore Bonaccorso <email@example.com> wrote:
> >Hi Afif,
> >On Wed, May 15, 2019 at 10:57:49PM +0200, Salvatore Bonaccorso wrote:
> >> Then there is nothing further to be done.
> >Oh, actually there is an open point: Is it confirmed that 3.0.3 is not
> >affected by the CVE? Did you got any information why this is only
> >introduced in 3.1.0?
> Ok, I asked upstream and the answer is that the commit that
> introduced the bug came after 3.0.3.
Thanks a lot for confirming!
This post to oss-security confirms it: https://www.openwall.com/lists/oss-security/2019/05/16/1
The security-tracker now will mark as well the buster version then as
Thanks for your work!