group.of.nepali.translators team mailing list archive

Thread
Date

[Bug 2064509] Re: Fossil regression due CVE-2024-24795

To: group.of.nepali.translators@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <2064509@xxxxxxxxxxxxxxxxxx>
Date: Thu, 09 May 2024 16:40:45 -0000
Reply-to: Bug 2064509 <2064509@xxxxxxxxxxxxxxxxxx>
Sender: noreply@xxxxxxxxxxxxx

This bug was fixed in the package fossil - 1:2.22-1ubuntu0.1

---------------
fossil (1:2.22-1ubuntu0.1) mantic-security; urgency=medium

  * SECURITY REGRESSION: break due to apache2 security update (LP: #2064509)
    - debian/patches/missing-content-length-fix-*.patch: Update HTTP reply
      parser to deal with a missing Content-Length header.

 -- Ian Constantin <ian.constantin@xxxxxxxxxxxxx>  Wed, 08 May 2024
14:46:57 +0300

** Changed in: fossil (Ubuntu Mantic)
       Status: New => Fix Released

** Changed in: fossil (Ubuntu Jammy)
       Status: New => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/2064509

Title:
  Fossil regression due  CVE-2024-24795

Status in fossil package in Ubuntu:
  New
Status in fossil source package in Xenial:
  New
Status in fossil source package in Bionic:
  New
Status in fossil source package in Focal:
  Fix Released
Status in fossil source package in Jammy:
  Fix Released
Status in fossil source package in Mantic:
  Fix Released
Status in fossil source package in Noble:
  Fix Released
Status in fossil package in Debian:
  Fix Released

Bug description:
  == SUMMARY ==
  After CVE-2024-24795 reports were made that fossil stop to work properly
  ref: https://bz.apache.org/bugzilla/show_bug.cgi?id=68905

  == FIX == 
  https://fossil-scm.org/home/info/f4ffefe708793b03

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/fossil/+bug/2064509/+subscriptions