rinse broken due to cpio fix for CVE-2015-1197
Bug #1446468 reported by
Ashish Kulkarni
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| rinse (Debian) |
Fix Released
|
Unknown
|
|||
| rinse (Ubuntu) |
Fix Released
|
High
|
Unassigned | ||
Bug Description
The version of rinse in Vivid is broken due to the fix for CVE-2015-1197 in the "cpio" package. See the upstream comments [1] on how this makes it mostly unusable and classified as an RC bug for jessie. This was also unblocked [2] by the release team for jessie.
I recommend that
(1) either the new version should be uploaded before the release, or
(2) the package be removed for the current release
[1] https:/
[2] https:/
CVE References
| Changed in rinse (Debian): | |
| status: | Unknown → Fix Released |
Revision history for this message
| Micah Gersten (micahg) wrote | #1 |
| Changed in rinse (Ubuntu): | |
| assignee: | nobody → Micah Gersten (micahg) |
| status: | New → In Progress |
| importance: | Undecided → High |
| assignee: | Micah Gersten (micahg) → nobody |
Revision history for this message
| Micah Gersten (micahg) wrote | #2 |
| Changed in rinse (Ubuntu): | |
| status: | In Progress → Fix Committed |
| status: | Fix Committed → Fix Released |
Revision history for this message
| Micah Gersten (micahg) wrote | #3 |
To post a comment you must log in.
Thank you for keeping Ubuntu up to date. I'll sync this over.