One additional question - I know that 5.1.12 was the last planned release in 
the 5.x series, and that 5.1.12 has the vulnerability.  Currently, because of 
Fedora policy, both F34 and F35 still ship 5.1.12.

I'll ask on the Fedora list if this event qualifies as an exception to the 
policy, but if not, how involved would it be to patch 5.1.12, or perhaps to 
spin a 5.1.13 just to fix this issue?

        Steve

On 2/16/22 11:49 AM, Steven A. Falco wrote:
Excellent!  I'll note that on the Fedora bugs.

     Thanks,
     Steve

On 2/16/22 09:44 AM, Ian McInerney wrote:
All 4 CVEs were fixed in the 6.0.2 release and the release announcement was 
updated last night to say this (to coincide with the public disclosure that 
happened today). There will be another email on the developer list later today 
with more details.

-Ian

On Wed, Feb 16, 2022 at 2:18 PM Steven A. Falco <stevenfa...@gmail.com 
<mailto:stevenfa...@gmail.com>> wrote:

    I've just received a large number of bugs against KiCad, supposedly due to 
CVE-2022-23803, CVE-2022-23804, CVE-2022-23946, CVE-2022-23947.

    I don't have time to look into them, but I wanted to make them known.  There are 
apparently also bugs for this on the gentoo site - here is one: 
https://bugs.gentoo.org/833426 <https://bugs.gentoo.org/833426>

    Here are the Fedora bugs:

    https://bugzilla.redhat.com/show_bug.cgi?id=2054956 
<https://bugzilla.redhat.com/show_bug.cgi?id=2054956>
    https://bugzilla.redhat.com/show_bug.cgi?id=2054957 
<https://bugzilla.redhat.com/show_bug.cgi?id=2054957>
    https://bugzilla.redhat.com/show_bug.cgi?id=2054959 
<https://bugzilla.redhat.com/show_bug.cgi?id=2054959>
    https://bugzilla.redhat.com/show_bug.cgi?id=2054960 
<https://bugzilla.redhat.com/show_bug.cgi?id=2054960>
    https://bugzilla.redhat.com/show_bug.cgi?id=2054955 
<https://bugzilla.redhat.com/show_bug.cgi?id=2054955>
    https://bugzilla.redhat.com/show_bug.cgi?id=2054973 
<https://bugzilla.redhat.com/show_bug.cgi?id=2054973>
    https://bugzilla.redhat.com/show_bug.cgi?id=2054974 
<https://bugzilla.redhat.com/show_bug.cgi?id=2054974>
    https://bugzilla.redhat.com/show_bug.cgi?id=2054979 
<https://bugzilla.redhat.com/show_bug.cgi?id=2054979>
    https://bugzilla.redhat.com/show_bug.cgi?id=2054980 
<https://bugzilla.redhat.com/show_bug.cgi?id=2054980>
    https://bugzilla.redhat.com/show_bug.cgi?id=2054958 
<https://bugzilla.redhat.com/show_bug.cgi?id=2054958>
    https://bugzilla.redhat.com/show_bug.cgi?id=2054972 
<https://bugzilla.redhat.com/show_bug.cgi?id=2054972>
    https://bugzilla.redhat.com/show_bug.cgi?id=2054978 
<https://bugzilla.redhat.com/show_bug.cgi?id=2054978>

    _______________________________________________
    Mailing list: https://launchpad.net/~kicad-developers 
<https://launchpad.net/~kicad-developers>
    Post to     : kicad-developers@lists.launchpad.net 
<mailto:kicad-developers@lists.launchpad.net>
    Unsubscribe : https://launchpad.net/~kicad-developers 
<https://launchpad.net/~kicad-developers>
    More help   : https://help.launchpad.net/ListHelp 
<https://help.launchpad.net/ListHelp>




_______________________________________________
Mailing list: https://launchpad.net/~kicad-developers
Post to     : kicad-developers@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kicad-developers
More help   : https://help.launchpad.net/ListHelp

Reply via email to