Bug ID 1208115
Summary libdb 4.8.30 matched in rpm-4.14.3-150300.52.1.x86_64.rpm
Classification openSUSE
Product openSUSE Distribution
Version Leap 15.4
Hardware Other
OS Other
Status NEW
Severity Normal
Priority P5 - None
Component Security
Assignee security-team@suse.de
Reporter simonalogan@gmail.com
QA Contact qa-bugs@suse.de
Found By ---
Blocker --- 

Our security scanning tool has matched libdb 4.8.30 in
rpm-4.14.3-150300.52.1.x86_64.rpm as follows:

Full File Path rpm-4.14.3-150300.52.1.x86_64.rpm/usr/lib64/librpm.so.8.2.0
Signature 0:"Berkeley DB 4.8.30:"

libdb was previously examined in
https://bugzilla.suse.com/show_bug.cgi?id=1036086 and declared WONTFIX. It���������s
now 6 years later and our security scanner is still flagging CVE-2017-3604 -
CVE-2017-3617 against libdb 4.8.30 in rpm-4.14.3-150300.52.1.x86_64.rpm

Is it possible to revisit this?

Thanks,
Simon

You are receiving this mail because: