Ubuntu
zbar package

  1. Bug #2039712
  2. Activity log

Activity log for bug #2039712

Date Who What changed Old value New value Message
2023-10-18 16:21:02 Remi Meier bug added bug
2023-10-18 16:21:58 Remi Meier description There are two CVEs with a score of 9.8 CRITICAL published on 29-08-2023: * https://nvd.nist.gov/vuln/detail/CVE-2023-40889 * https://nvd.nist.gov/vuln/detail/CVE-2023-40890 Now new release seems to be available that fixes these vulnerabilities. The latest package version seems to be zbar-tools (0.23-1.3). Additional information: ~ $ lsb_release -rd No LSB modules are available. Description: Ubuntu 23.04 Release: 23.04 ~ $ apt-cache policy zbar-tools zbar-tools: Installed: 0.23.92-7 Candidate: 0.23.92-7 Version table: *** 0.23.92-7 500 500 http://ch.archive.ubuntu.com/ubuntu lunar/universe amd64 Packages 100 /var/lib/dpkg/status # Expected No CVE # Actual There are two known CVEs There are two CVEs with a score of 9.8 CRITICAL published on 29-08-2023: * https://nvd.nist.gov/vuln/detail/CVE-2023-40889 * https://nvd.nist.gov/vuln/detail/CVE-2023-40890 No new release seems to be available that fixes these vulnerabilities. The latest package version seems to be zbar-tools (0.23.92-7). Additional information: ~ $ lsb_release -rd No LSB modules are available. Description: Ubuntu 23.04 Release: 23.04 ~ $ apt-cache policy zbar-tools zbar-tools:   Installed: 0.23.92-7   Candidate: 0.23.92-7   Version table:  *** 0.23.92-7 500         500 http://ch.archive.ubuntu.com/ubuntu lunar/universe amd64 Packages         100 /var/lib/dpkg/status # Expected No CVE # Actual There are two known CVEs
2023-10-18 16:22:20 Remi Meier cve linked 2023-40890
2023-10-18 16:22:37 Remi Meier cve linked 2023-40889
2023-10-18 16:24:25 Remi Meier information type Private Security Public Security
2023-10-24 16:02:51 Eduardo Barretto bug watch added https://github.com/mchehab/zbar/issues/263
2023-10-24 16:03:03 Eduardo Barretto zbar (Ubuntu): status New Confirmed