Anne Nicolas <ennael1@...> writes: > Le 23/03/2012 01:31, David Walser a écrit : > > New vulnerabilities CVE-2012-1162 (heap overflow) and CVE-2012-1163 (integer > > overflow) in libzip, which also affect PHP (probably the php-zip subpackage) > > were recently announced. > > > > libzip 0.10.1 has been released to fix these. I have updated it in SVN and > > confirmed it builds, but I have not tested it yet. > > > > References: > > https://bugs.mageia.org/show_bug.cgi?id=5063 > > http://seclists.org/oss-sec/2012/q1/710 > > https://bugzilla.redhat.com/show_bug.cgi?id=802564 > > https://bugzilla.redhat.com/show_bug.cgi?id=803028 > > http://pkgsubmit.mageia.org/uploads/failure/cauldron/core/release/20120323073855.ennael.valstar.7406/log
I just tried building it on Cauldron again, and it builds fine. Can you try resubmitting? Maybe it was a transient issue on the build system.
