Ubuntu
zutty package

CVE-2022-41138: Unreleased in zutty

Bug #2000848 reported by David Leadbeater on 2023-01-01

258

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	zutty (Ubuntu)	Confirmed	Undecided	Unassigned

Bug Description

Zutty in jammy and kinetic is vulnerable to CVE-2022-41138:

https://nvd.nist.gov/vuln/detail/CVE-2022-41138
https://bugs.gentoo.org/show_bug.cgi?id=868495

See original description

Tags:

CVE References

2022-41138

Revision history for this message

Eduardo Barretto (ebarretto) wrote on 2023-01-03:

Thanks for taking the time to report this bug and helping to make Ubuntu better. Since the package referred to in this bug is in universe or multiverse, it is community maintained. If you are able, I suggest coordinating with upstream and posting a debdiff for this issue. When a debdiff is available, members of the security team will review it and publish the package. See the following link for more information: https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures

tags:	added: community-security
description:	updated
information type:	Private Security → Public Security

Eduardo Barretto (ebarretto) on 2023-01-03

Changed in zutty (Ubuntu):
status:	New → Confirmed

Report a bug

This report contains Public Security information

Everyone can see this security related information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntuzutty package