#19964 closed enhancement (fixed)
cryptsetup-2.7.3
| Reported by: | Bruce Dubbs | Owned by: | Rahul Chandra |
|---|---|---|---|
| Priority: | elevated | Milestone: | 12.2 |
| Component: | BOOK | Version: | git |
| Severity: | normal | Keywords: | |
| Cc: |
Description ¶
New point version.
Change History (8)
comment:1 by , 10 months ago
comment:2 by , 10 months ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
comment:3 by , 10 months ago
| Priority: | normal → elevated |
|---|
follow-up: 8 comment:4 by , 10 months ago
For some reason they don't have a CVE for the security fixes
comment:7 by , 10 months ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
comment:8 by , 9 months ago
Replying to Rahul Chandra:
For some reason they don't have a CVE for the security fixes
I think that's kind of weird as well. I've done a little bit of research into it and haven't come up with anything, and no other distros seem to have done a security response for this update.
Filing an SA was definitely the right call though because of the data destruction bug. I think the best course of action might be to modify the security advisory to point towards the release notes just so that users can find additional info there if they need it.
Note:
See TracTickets
for help on using tickets.
https://mirrors.edge.kernel.org/pub/linux/utils/cryptsetup/v2.7/v2.7.3-ReleaseNotes