bug#47627: syncthing package is vulnerable to CVE-2021-21404

bug-guix

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#47627: syncthing package is vulnerable to CVE-2021-21404

From:	Léo Le Bouter
Subject:	bug#47627: syncthing package is vulnerable to CVE-2021-21404
Date:	Mon, 12 Apr 2021 02:27:51 +0200
User-agent:	Evolution 3.34.2

On Thu, 2021-04-08 at 20:01 -0400, Leo Famulari wrote:
> On Tue, Apr 06, 2021 at 06:51:47PM -0400, Leo Famulari wrote:
> > Yeah. Given this report, we could also just build Syncthing with
> > the
> > bundled source code, which is freely licensed.
> 
> I've attached the patch.

I tested this patch on my system, works great with the syncthing
service also. LGTM from me.

signature.asc
Description: This is a digitally signed message part

[Prev in Thread]

Current Thread

[Next in Thread]

bug#47627: syncthing package is vulnerable to CVE-2021-21404, Léo Le Bouter, 2021/04/06
- bug#47627: syncthing package is vulnerable to CVE-2021-21404, Leo Famulari, 2021/04/06
  - bug#47627: syncthing package is vulnerable to CVE-2021-21404, Leo Famulari, 2021/04/08
    - bug#47627: syncthing package is vulnerable to CVE-2021-21404, Léo Le Bouter <=
    - bug#47627: syncthing package is vulnerable to CVE-2021-21404, Leo Famulari, 2021/04/11

Prev by Date: bug#46829: Fresh install of 1.2.0 can't guix pull
Next by Date: bug#47713: Icecat doesnt show numbers for anything
Previous by thread: bug#47627: syncthing package is vulnerable to CVE-2021-21404
Next by thread: bug#47627: syncthing package is vulnerable to CVE-2021-21404
Index(es):
- Date
- Thread