bug#47627: syncthing package is vulnerable to CVE-2021-21404

bug-guix

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#47627: syncthing package is vulnerable to CVE-2021-21404

From:	Leo Famulari
Subject:	bug#47627: syncthing package is vulnerable to CVE-2021-21404
Date:	Sun, 11 Apr 2021 21:54:55 -0400

On Mon, Apr 12, 2021 at 02:27:51AM +0200, Léo Le Bouter wrote:
> On Thu, 2021-04-08 at 20:01 -0400, Leo Famulari wrote:
> > On Tue, Apr 06, 2021 at 06:51:47PM -0400, Leo Famulari wrote:
> > > Yeah. Given this report, we could also just build Syncthing with
> > > the
> > > bundled source code, which is freely licensed.
> > 
> > I've attached the patch.
> 
> I tested this patch on my system, works great with the syncthing
> service also. LGTM from me.

Thanks for the review. Pushed as
ed3ef756f521a0df8596a88b66f65b7a1ad99252

signature.asc
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

bug#47627: syncthing package is vulnerable to CVE-2021-21404, Léo Le Bouter, 2021/04/06
- bug#47627: syncthing package is vulnerable to CVE-2021-21404, Leo Famulari, 2021/04/06
  - bug#47627: syncthing package is vulnerable to CVE-2021-21404, Leo Famulari, 2021/04/08
    - bug#47627: syncthing package is vulnerable to CVE-2021-21404, Léo Le Bouter, 2021/04/11
    - bug#47627: syncthing package is vulnerable to CVE-2021-21404, Leo Famulari <=

Prev by Date: bug#47716: gio mount broken, again.
Next by Date: bug#46829: Fresh install of 1.2.0 can't guix pull
Previous by thread: bug#47627: syncthing package is vulnerable to CVE-2021-21404
Next by thread: bug#47628: Epiphany fails to launch after webkitgtk-2.32.0 update
Index(es):
- Date
- Thread