On Mon, Mar 19, 2018 at 06:20:44PM +0100, Santiago Vila wrote: > On Mon, Mar 19, 2018 at 05:58:04PM +0100, Moritz Muehlenhoff wrote: > > Source: sharutils > > Severity: grave > > Tags: security > > > > This has been assigned CVE-2018-1000097: > > http://lists.gnu.org/archive/html/bug-gnu-utils/2018-02/msg00004.html > > > > Proposed patch at: > > http://lists.gnu.org/archive/html/bug-gnu-utils/2018-02/msg00005.html > > Thanks for the report. Simple question: Is this the same problem as this one? > > http://lists.gnu.org/archive/html/bug-gnu-utils/2018-02/msg00003.html > > or there will be another different CVE for that? > > (I will apply the proposed patch anyway, since it's a one-liner).
I'm not sure yet, http://lists.gnu.org/archive/html/bug-gnu-utils/2018-02/msg00003.html might be a different issue, the CVE assignment is apparently only for "msg00004.html". Cheers, Moritz