security-advisories icon indicating copy to clipboard operation
security-advisories copied to clipboard

Published 20 hours ago verified publisher icon haskell

Add advisories for numeric bugs in GHC

Open TristanCacqueray opened this issue 1 year ago • 3 comments
trafficstars

Fixes #210

TristanCacqueray avatar Jul 10 '24 19:07 TristanCacqueray

I am opening this PR to test #213 , and it needs to be rebased once the feature is merged. Also, I need to double check the affected/fixed version and the CVSS score.

TristanCacqueray avatar Jul 10 '24 19:07 TristanCacqueray

This will need rebase after #213 merged; and updating the ghc-component from compiler -> ghc.

frasertweedale avatar Jul 30 '24 08:07 frasertweedale

@TristanCacqueray rebased and force-pushed.

frasertweedale avatar Jul 30 '24 11:07 frasertweedale

I've checked the links and affected versions, I think this is now ready. I updated the ranges for HSEC-2024-0008 since the fix got released in 9.6 and 9.8. For 9.10 this will happen in the next release (9.10.2).

TristanCacqueray avatar Oct 30 '24 19:10 TristanCacqueray