Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 136415 - app-text/acroread: <7.0.8 unspecified vulnerability ?
Summary: app-text/acroread: <7.0.8 unspecified vulnerability ?
Status: RESOLVED INVALID
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High minor (vote)
Assignee: Gentoo Security
URL: http://www.adobe.com/support/techdocs...
Whiteboard: B? [] Falco
Keywords:
Depends on:
Blocks:
 
Reported: 2006-06-11 07:59 UTC by Raphael Marichez (Falco) (RETIRED)
Modified: 2006-08-02 23:46 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Raphael Marichez (Falco) (RETIRED) gentoo-dev 2006-06-11 07:59:54 UTC 
http://www.adobe.com/support/techdocs/327817.html says :

"Security: several security bug fixes have been made, including one considered critical."

for the 7.0.8 update

how should we consider this ?
In doubt, printing team, could you introduce acroread-7.0.8 into portage of possible ?
Comment 1 Stefan Schweizer (RETIRED) gentoo-dev 2006-06-17 19:43:58 UTC 
I added a masked 7.0.8 ebuild because it does not have all localization yet.
Comment 2 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2006-06-18 04:31:11 UTC 
(In reply to comment #1)
> I added a masked 7.0.8 ebuild because it does not have all localization yet.
> 

I suppose we can't stabilize this version.

Back to [upstream] status in order to wait for a valid upstream version.
Comment 3 Stefan Cornelius (RETIRED) gentoo-dev 2006-07-24 09:01:44 UTC 
ok, we waited long enough. i dont care a lot about localization, imho is security more important. what do you think?
Comment 4 Wolf Giesen (RETIRED) gentoo-dev 2006-07-24 21:29:16 UTC 
Yes, let's shove it out, preferrably with an enotice describing security overrules understandability .-)
Comment 5 Thierry Carrez (RETIRED) gentoo-dev 2006-07-29 05:41:34 UTC 
I agree.
genstef/printing : please unmask it or advise.
Comment 6 Stefan Schweizer (RETIRED) gentoo-dev 2006-07-29 07:49:36 UTC 
adobe has released some language tarballs and I have unmasked the new version -  go ahead :)
Comment 7 Stefan Cornelius (RETIRED) gentoo-dev 2006-07-29 08:43:59 UTC 
amd64 and x86, please test and stable 7.0.8, thanks
Comment 8 Joshua Jackson (RETIRED) gentoo-dev 2006-07-30 20:19:25 UTC 
*thumbs up* It works like it should ^.^;
Comment 9 Simon Stelling (RETIRED) gentoo-dev 2006-07-31 04:38:45 UTC 
amd64 done
Comment 10 Thierry Carrez (RETIRED) gentoo-dev 2006-07-31 13:42:35 UTC 
Voting yes, one unknown critical.
Comment 11 Matthias Geerdsen (RETIRED) gentoo-dev 2006-07-31 14:00:53 UTC 
voting yes too (one critical, acroread is widely used)
Comment 12 Wolf Giesen (RETIRED) gentoo-dev 2006-07-31 22:06:10 UTC 
yes
Comment 13 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2006-08-01 00:46:39 UTC 
okokOK:-)
Comment 14 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2006-08-02 09:06:41 UTC 
According to RH CVE-2006-3093 does not affect the Linux version, so I suggest we close this one as INVALID.

Comments?
Comment 15 Wolf Giesen (RETIRED) gentoo-dev 2006-08-02 09:34:43 UTC 
Hm, SuSE still released new packages. Do they know something the others don't?

http://lists.suse.com/archive/suse-security-announce/2006-Jul/0004.html
Comment 16 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2006-08-02 09:52:14 UTC 
No, they didn't know what others know now.
Comment 17 Wolf Giesen (RETIRED) gentoo-dev 2006-08-02 10:54:51 UTC 
Great, I downloaded that bloat and guess what, there's no changelog/release note inside. Probably to save bandwidth. Ha, ha. Just gotta love them.
Comment 18 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2006-08-02 23:46:24 UTC 
Closing as INVALID.

Feel free to reopen if you disagree.

Sorry for the noise.