View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0000174||AlmaLinux-8||-OTHER||public||2022-01-17 15:01||2022-01-18 16:51|
|Summary||0000174: I believe I have found an miss assigned ID in the updateinfo in the BaseOs repo|
|Description||So long story short as this is either an easy fix or intended and I simply miss understand.|
So we have a a tool I wrote at my company which parses updateinfo in the repo and reports security info to a central place for patch reporting etc.
As part of this I recently added alma info as we moved away from centos. As part of this I stumbled across the id --> ALBA-2019:3693
This seems to be labelled ALBA in the updateinfo but from my understanding this should be an ALSA as it applies a fix for CVE-2018-18074 going from its own description.
My understanding to add context is ALBA is the Alma Linux Bug Announce and ALSA is the ALMA Linux Security Announce. ( This is a guess going from centos's CESA and other updateinfo formats from other providers)
So put simply is ALBA-2019:3693 correct or should this be ALSA-2019:3693 or does it not matter?
|Steps To Reproduce||Read the updateinfo file from the BaseOS almalinux8 repo|
|Tags||No tags attached.|
Hello. ALBA is correct. Original bulletin is RHBA-2019:3693 - Bug Fix Advisory https://access.redhat.com/errata/RHBA-2019:3693
This update doesn't fix vulnerability. It fixes bug that was added in previous security update of this package. So it's bugfix release.
The fix CVE-2018-18074 leads to a regression (BZ#1758261)