All 4 CVEs were fixed in the 6.0.2 release and the release announcement was updated last night to say this (to coincide with the public disclosure that happened today). There will be another email on the developer list later today with more details.
-Ian On Wed, Feb 16, 2022 at 2:18 PM Steven A. Falco <stevenfa...@gmail.com> wrote: > I've just received a large number of bugs against KiCad, supposedly due to > CVE-2022-23803, CVE-2022-23804, CVE-2022-23946, CVE-2022-23947. > > I don't have time to look into them, but I wanted to make them known. > There are apparently also bugs for this on the gentoo site - here is one: > https://bugs.gentoo.org/833426 > > Here are the Fedora bugs: > > https://bugzilla.redhat.com/show_bug.cgi?id=2054956 > https://bugzilla.redhat.com/show_bug.cgi?id=2054957 > https://bugzilla.redhat.com/show_bug.cgi?id=2054959 > https://bugzilla.redhat.com/show_bug.cgi?id=2054960 > https://bugzilla.redhat.com/show_bug.cgi?id=2054955 > https://bugzilla.redhat.com/show_bug.cgi?id=2054973 > https://bugzilla.redhat.com/show_bug.cgi?id=2054974 > https://bugzilla.redhat.com/show_bug.cgi?id=2054979 > https://bugzilla.redhat.com/show_bug.cgi?id=2054980 > https://bugzilla.redhat.com/show_bug.cgi?id=2054958 > https://bugzilla.redhat.com/show_bug.cgi?id=2054972 > https://bugzilla.redhat.com/show_bug.cgi?id=2054978 > > _______________________________________________ > Mailing list: https://launchpad.net/~kicad-developers > Post to : kicad-developers@lists.launchpad.net > Unsubscribe : https://launchpad.net/~kicad-developers > More help : https://help.launchpad.net/ListHelp >
_______________________________________________ Mailing list: https://launchpad.net/~kicad-developers Post to : kicad-developers@lists.launchpad.net Unsubscribe : https://launchpad.net/~kicad-developers More help : https://help.launchpad.net/ListHelp
