| ItzSwirlz | sarnold: facts | 00:36 |
|---|---|---|
| === amurray_ is now known as amurray | ||
| === blahdeblah_ is now known as blahdeblah | ||
| rbasak | mdeslaur: I understand openssl Bionic SRUs are backed up. You might find https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1978093 useful though. | 11:59 |
| ubottu | Launchpad bug 1978093 in openssl (Ubuntu Bionic) "openssl: FTBFS due to expired certificates" [Undecided, New] | 11:59 |
| mdeslaur | rbasak: ah, thanks, I'll include those in the security update | 12:00 |
| hank | re: CVE-2021-33912: the broken date is still in the OVAL feeds: `curl -sSLf 'https://security-metadata.canonical.com/oval/com.ubuntu.focal.cve.oval.xml.bz2' | bzgrep '>unknown<'` | 18:38 |
| ubottu | libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code (via an unauthenticated e-mail message from anywhere on the Internet) with a crafted SPF DNS record, because of incorrect sprintf usage in SPF_record_expand_data in spf_expand.c. The vulnerable code may be part of the supply chain of a site's e-mail infra... <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33912> | 18:38 |
| hank | ditto the other libspf2 advisory | 18:50 |
| sarnold | argh. :( thanks hank | 19:37 |
| === jchittum_ is now known as jchittum | ||
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!