Hi Robert, On Mon, Dec 23, 2019 at 08:10:38PM +0100, Robert Luberda wrote: > Salvatore Bonaccorso writes: > > Control: reopen -1 > > Control: found -1 12.2.0-1 > > > Hi, > > > >> sysstat (12.2.0-1) unstable; urgency=medium > >> . > >> * New upstream stable version: > >> + fixes double free in check_file_actlst in check_file_actlst in > >> sa_common.c (CVE-2019-19725, closes: #946657). > > > > But this is not actually true I believe. > > https://github.com/sysstat/sysstat/commit/a5c8abd4a481ee6e27a3acf00e6d9b0f023e20ed > > is not applied in 12.2.0-1, and I do not see it applied as patch as > > I don't know why, but I've assumed that 12.2.0 fixed the issue :( > Thanks for noticing my mistake; I'll apply the upstream patch in -2 shortly.
No worries and thanks for following up with the fix! Regards, Salvatore
