On 12/07/2022 13:43, Meirav Rath via GNU coreutils Bug Reports wrote:
Hello,
My name is Meirav Rath, I'm a software developer and security champion at
Imperva.
As part of our effort to map security risks in our products I've been scanning our
3rd party rpms for vulnerabilities. It looks like coreutils available rpm for CentOS
7.9 (8.22) has the vulnerability
CVE-2017-18018<https://nvd.nist.gov/vuln/detail/CVE-2017-18018>.
When can we expect an updated RPM of a more advanced version with fixes for
this issues, aimed for CentOS7.9?
This was previously discussed at:
https://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html
With corresponding doc patch at:
https://git.sv.gnu.org/gitweb/?p=coreutils.git;a=commitdiff;h=bc2fd9796
cheers,
Pádraig
