Bug#1001849: Acknowledgement (bullseye-pu: package glewlwyd/2.5.2-2+deb11u1)

To: Nicolas Mora <babelouest@debian.org>
Cc: 1001849@bugs.debian.org
Subject: Bug#1001849: Acknowledgement (bullseye-pu: package glewlwyd/2.5.2-2+deb11u1)
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Fri, 24 Dec 2021 20:36:58 +0100
Message-id: <[🔎] YcYhWihA23zn0dXf@eldamar.lan>
Reply-to: Salvatore Bonaccorso <carnil@debian.org>, 1001849@bugs.debian.org
In-reply-to: <[🔎] Yb2kULHBHutyjwtZ@eldamar.lan>
References: <[🔎] 163976836135.634477.8539415834013090324.reportbug@galahad> <handler.1001849.B.163976836410237.ack@bugs.debian.org> <[🔎] 163976836135.634477.8539415834013090324.reportbug@galahad> <[🔎] 35a343d2-a37e-3fdf-a777-8a526ae165ac@debian.org> <[🔎] Yb2j9o0wVVH9gM8n@eldamar.lan> <[🔎] 163976836135.634477.8539415834013090324.reportbug@galahad> <[🔎] Yb2kULHBHutyjwtZ@eldamar.lan> <[🔎] 163976836135.634477.8539415834013090324.reportbug@galahad>

Hi Nicolas,

On Sat, Dec 18, 2021 at 10:05:20AM +0100, Salvatore Bonaccorso wrote:
> Hi,
> 
> On Sat, Dec 18, 2021 at 10:03:51AM +0100, Salvatore Bonaccorso wrote:
> > Hi Nicolas,
> > 
> > On Fri, Dec 17, 2021 at 08:25:38PM -0500, Nicolas Mora wrote:
> > > See attached debdiff
> > 
> > > diff -Nru glewlwyd-2.5.2/debian/changelog glewlwyd-2.5.2/debian/changelog
> > > --- glewlwyd-2.5.2/debian/changelog	2021-09-22 08:42:59.000000000 -0400
> > > +++ glewlwyd-2.5.2/debian/changelog	2021-12-17 07:51:46.000000000 -0500
> > > @@ -1,3 +1,9 @@
> > > +glewlwyd (2.5.2-2+deb11u2) bullseye; urgency=medium
> > > +
> > > +  * d/patches: Fix possible privilege escalation (Closes: #1001849)
> > 
> > This should ot close the release.d.o filled bug, but the bug in the
> > BTS associates with glewlwyd if one exists. Related question: is there
> > a CVE and details on the issue?
> 
> Answering the last question to myself: As you stated the CVE was
> requested :)

Any news on the CVE assignment? Did MITRE respond?

Regards,
Salvatore

Reply to:

Follow-Ups:
- Bug#1001849: Acknowledgement (bullseye-pu: package glewlwyd/2.5.2-2+deb11u1)
  - From: Nicolas Mora <babelouest@debian.org>

References:
- Bug#1001849: bullseye-pu: package glewlwyd/2.5.2-2+deb11u1
  - From: Nicolas Mora <babelouest@debian.org>
- Bug#1001849: Acknowledgement (bullseye-pu: package glewlwyd/2.5.2-2+deb11u1)
  - From: Nicolas Mora <babelouest@debian.org>
- Bug#1001849: Acknowledgement (bullseye-pu: package glewlwyd/2.5.2-2+deb11u1)
  - From: Salvatore Bonaccorso <carnil@debian.org>
- Bug#1001849: Acknowledgement (bullseye-pu: package glewlwyd/2.5.2-2+deb11u1)
  - From: Salvatore Bonaccorso <carnil@debian.org>

Prev by Date: Bug#1002578: nmu: 3depict_0.0.23-1+b1
Next by Date: Bug#1001849: Acknowledgement (bullseye-pu: package glewlwyd/2.5.2-2+deb11u1)
Previous by thread: Bug#1001849: Acknowledgement (bullseye-pu: package glewlwyd/2.5.2-2+deb11u1)
Next by thread: Bug#1001849: Acknowledgement (bullseye-pu: package glewlwyd/2.5.2-2+deb11u1)
Index(es):
- Date
- Thread