Distributions that would like to release a patched version of 5.1, 5.0 or 4.0 can cherry-pick the patch series. They should apply cleanly.
Seth On Wed, Feb 16, 2022 at 9:16 AM Steven A. Falco <stevenfa...@gmail.com> wrote: > One additional question - I know that 5.1.12 was the last planned release > in the 5.x series, and that 5.1.12 has the vulnerability. Currently, > because of Fedora policy, both F34 and F35 still ship 5.1.12. > > I'll ask on the Fedora list if this event qualifies as an exception to the > policy, but if not, how involved would it be to patch 5.1.12, or perhaps to > spin a 5.1.13 just to fix this issue? > > Steve > > On 2/16/22 11:49 AM, Steven A. Falco wrote: > > Excellent! I'll note that on the Fedora bugs. > > > > Thanks, > > Steve > > > > On 2/16/22 09:44 AM, Ian McInerney wrote: > >> All 4 CVEs were fixed in the 6.0.2 release and the release announcement > was updated last night to say this (to coincide with the public disclosure > that happened today). There will be another email on the developer list > later today with more details. > >> > >> -Ian > >> > >> On Wed, Feb 16, 2022 at 2:18 PM Steven A. Falco <stevenfa...@gmail.com > <mailto:stevenfa...@gmail.com>> wrote: > >> > >> I've just received a large number of bugs against KiCad, supposedly > due to CVE-2022-23803, CVE-2022-23804, CVE-2022-23946, CVE-2022-23947. > >> > >> I don't have time to look into them, but I wanted to make them > known. There are apparently also bugs for this on the gentoo site - here > is one: https://bugs.gentoo.org/833426 <https://bugs.gentoo.org/833426> > >> > >> Here are the Fedora bugs: > >> > >> https://bugzilla.redhat.com/show_bug.cgi?id=2054956 < > https://bugzilla.redhat.com/show_bug.cgi?id=2054956> > >> https://bugzilla.redhat.com/show_bug.cgi?id=2054957 < > https://bugzilla.redhat.com/show_bug.cgi?id=2054957> > >> https://bugzilla.redhat.com/show_bug.cgi?id=2054959 < > https://bugzilla.redhat.com/show_bug.cgi?id=2054959> > >> https://bugzilla.redhat.com/show_bug.cgi?id=2054960 < > https://bugzilla.redhat.com/show_bug.cgi?id=2054960> > >> https://bugzilla.redhat.com/show_bug.cgi?id=2054955 < > https://bugzilla.redhat.com/show_bug.cgi?id=2054955> > >> https://bugzilla.redhat.com/show_bug.cgi?id=2054973 < > https://bugzilla.redhat.com/show_bug.cgi?id=2054973> > >> https://bugzilla.redhat.com/show_bug.cgi?id=2054974 < > https://bugzilla.redhat.com/show_bug.cgi?id=2054974> > >> https://bugzilla.redhat.com/show_bug.cgi?id=2054979 < > https://bugzilla.redhat.com/show_bug.cgi?id=2054979> > >> https://bugzilla.redhat.com/show_bug.cgi?id=2054980 < > https://bugzilla.redhat.com/show_bug.cgi?id=2054980> > >> https://bugzilla.redhat.com/show_bug.cgi?id=2054958 < > https://bugzilla.redhat.com/show_bug.cgi?id=2054958> > >> https://bugzilla.redhat.com/show_bug.cgi?id=2054972 < > https://bugzilla.redhat.com/show_bug.cgi?id=2054972> > >> https://bugzilla.redhat.com/show_bug.cgi?id=2054978 < > https://bugzilla.redhat.com/show_bug.cgi?id=2054978> > >> > >> _______________________________________________ > >> Mailing list: https://launchpad.net/~kicad-developers < > https://launchpad.net/~kicad-developers> > >> Post to : kicad-developers@lists.launchpad.net <mailto: > kicad-developers@lists.launchpad.net> > >> Unsubscribe : https://launchpad.net/~kicad-developers < > https://launchpad.net/~kicad-developers> > >> More help : https://help.launchpad.net/ListHelp < > https://help.launchpad.net/ListHelp> > >> > > > > > _______________________________________________ > Mailing list: https://launchpad.net/~kicad-developers > Post to : kicad-developers@lists.launchpad.net > Unsubscribe : https://launchpad.net/~kicad-developers > More help : https://help.launchpad.net/ListHelp > -- [image: KiCad Services Corporation Logo] Seth Hillbrand *Lead Developer* +1-530-302-5483 Long Beach, CA www.kipro-pcb.com i...@kipro-pcb.com
_______________________________________________ Mailing list: https://launchpad.net/~kicad-developers Post to : kicad-developers@lists.launchpad.net Unsubscribe : https://launchpad.net/~kicad-developers More help : https://help.launchpad.net/ListHelp
