First Last Prev Next    No search results available      Search page      Enter new bug
Bug#: 14628
Alias:
Product:
Component:
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Hardware:
OS:
Version:
Priority:
Severity:
Reporter: Graham <biggms_1701@hotmail.com>
Add CC:
CC:
Remove selected CCs
URL:
Summary:
Status Whiteboard:
Keywords:

Filename Description Type Creator Created Size Actions
Create a New Attachment (proposed patch, testcase, etc.) View All

Bug 14628 depends on: Show dependency tree
Show dependency graph
Bug 14628 blocks:
Votes: 0    Show votes for this bug    Vote for this bug

Additional Comments: (this is where you put emerge --info)


Not eligible to see or edit group visibility for this bug.






View Bug Activity   |   Format For Printing   |   XML   |   Clone This Bug

Description:   Opened: 2003-01-27 11:28 0000 
As reported by the developers of qt-dcgui all versions before 0.2.2 have a 
security flaw that allows users to download unshared files.  The fix is to 
update to 0.2.2 or above.  Versions below 0.2.2 should be removed from portage.

------- Comment #1 From Joachim Blaabjerg 2003-01-27 14:22:57 0000 ------- 
I've committed 0.2.3 of dclib and qt-dcgui now. Aliz, are you going to write a
GLSA 
on this one?

------- Comment #2 From SpanKY 2003-01-28 00:43:26 0000 ------- 
you forgot to add the digest and patch files for dclib-2.3 ... ive added them
now though ...

------- Comment #3 From Joachim Blaabjerg 2003-01-28 05:29:05 0000 ------- 
Ah, sorry. Being a gcc3 user, that just flew right by my testing.

------- Comment #4 From Daniel Ahlberg (RETIRED) 2003-02-05 04:28:47 0000 ------- 
glsa sent
First Last Prev Next    No search results available      Search page      Enter new bug