[Touch-packages] [Bug 2089680] [NEW] Insufficient fix for CVE-2024-10573

Tue, 26 Nov 2024 06:40:55 -0800 

*** This bug is a security vulnerability ***

Public security bug reported:

The fix for CVE-2024-10573 is insufficient in certain releases, pending
investigation. This is the tracking bug.

** Affects: mpg123 (Ubuntu)
     Importance: Undecided
     Assignee: Marc Deslauriers (mdeslaur)
         Status: New

** Affects: mpg123 (Ubuntu Focal)
     Importance: Undecided
     Assignee: Marc Deslauriers (mdeslaur)
         Status: Confirmed

** Affects: mpg123 (Ubuntu Jammy)
     Importance: Undecided
     Assignee: Marc Deslauriers (mdeslaur)
         Status: New

** Affects: mpg123 (Ubuntu Noble)
     Importance: Undecided
     Assignee: Marc Deslauriers (mdeslaur)
         Status: New

** Affects: mpg123 (Ubuntu Oracular)
     Importance: Undecided
     Assignee: Marc Deslauriers (mdeslaur)
         Status: New

** Affects: mpg123 (Ubuntu Plucky)
     Importance: Undecided
     Assignee: Marc Deslauriers (mdeslaur)
         Status: New

** Also affects: mpg123 (Ubuntu Plucky)
   Importance: Undecided
       Status: New

** Also affects: mpg123 (Ubuntu Focal)
   Importance: Undecided
       Status: New

** Also affects: mpg123 (Ubuntu Oracular)
   Importance: Undecided
       Status: New

** Also affects: mpg123 (Ubuntu Noble)
   Importance: Undecided
       Status: New

** Also affects: mpg123 (Ubuntu Jammy)
   Importance: Undecided
       Status: New

** Changed in: mpg123 (Ubuntu Focal)
       Status: New => Confirmed

** Changed in: mpg123 (Ubuntu Focal)
     Assignee: (unassigned) => Marc Deslauriers (mdeslaur)

** Changed in: mpg123 (Ubuntu Jammy)
     Assignee: (unassigned) => Marc Deslauriers (mdeslaur)

** Changed in: mpg123 (Ubuntu Noble)
     Assignee: (unassigned) => Marc Deslauriers (mdeslaur)

** Changed in: mpg123 (Ubuntu Oracular)
     Assignee: (unassigned) => Marc Deslauriers (mdeslaur)

** Changed in: mpg123 (Ubuntu Plucky)
     Assignee: (unassigned) => Marc Deslauriers (mdeslaur)

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to mpg123 in Ubuntu.
https://bugs.launchpad.net/bugs/2089680

Title:
  Insufficient fix for CVE-2024-10573

Status in mpg123 package in Ubuntu:
  New
Status in mpg123 source package in Focal:
  Confirmed
Status in mpg123 source package in Jammy:
  New
Status in mpg123 source package in Noble:
  New
Status in mpg123 source package in Oracular:
  New
Status in mpg123 source package in Plucky:
  New

Bug description:
  The fix for CVE-2024-10573 is insufficient in certain releases,
  pending investigation. This is the tracking bug.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mpg123/+bug/2089680/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to     : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to