Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 476172 - dev-scheme/chicken-4.8.0.3-r1: stabilization request
Summary: dev-scheme/chicken-4.8.0.3-r1: stabilization request
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Keywording and Stabilization (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: erik falor
URL:
Whiteboard:
Keywords: STABLEREQ
Depends on:
Blocks: CVE-2013-1874 CVE-2013-2024 CVE-2013-2075
  Show dependency tree
 
Reported: 2013-07-08 13:47 UTC by Michael Weber (RETIRED)
Modified: 2013-07-14 14:18 UTC (History)
4 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Michael Weber (RETIRED) gentoo-dev 2013-07-08 13:47:07 UTC
Hello,

I've added the CVE patches for the .scm files and created a tarball with the resulting .c files. Otherwise build system would try to generate these with "chicken" which is not yet available during initial install.

Please remove the PMASK if you approve and mask/remove all older versions.
I don't want to stand responsible for this situation with known but ignored security issues.

Michael
Comment 1 Michael Weber (RETIRED) gentoo-dev 2013-07-08 13:47:55 UTC
+*chicken-4.8.0.3-r1 (08 Jul 2013)
+             
+  08 Jul 2013; Michael Weber <xmw@gentoo.org> +chicken-4.8.0.3-r1.ebuild,
+  +files/chicken-4.8.0.3-CVE-2013-1874.patch,
+  +files/chicken-4.8.0.3-CVE-2013-2024.patch,
+  +files/chicken-4.8.0.3-CVE-2013-2075_1.patch,
+  +files/chicken-4.8.0.3-CVE-2013-2075_2.patch:
+  Revbump to include security patches (bugs 462458, 469392, 467966)
+
Comment 2 erik falor 2013-07-08 23:12:16 UTC
Thanks for the patches, Michael.  I'm checking this out even now.
Comment 3 erik falor 2013-07-09 04:28:33 UTC
I have compared these patches with upstream's git repo.  They look good and build clean.
Comment 4 Chris Reffett (RETIRED) gentoo-dev Security 2013-07-09 10:39:47 UTC
Uh, not fixed yet. Now we ask the arch teams to stabilize it. Arches, please stabilize =dev-scheme/chicken-4.8.0.3-r1, target arches alpha amd64 ppc ppc64 x86. Thanks!
Comment 5 Agostino Sarubbo gentoo-dev 2013-07-13 06:51:24 UTC
amd64 stable
Comment 6 Agostino Sarubbo gentoo-dev 2013-07-13 06:51:44 UTC
x86 stable
Comment 7 Agostino Sarubbo gentoo-dev 2013-07-13 17:59:21 UTC
ppc stable
Comment 8 Agostino Sarubbo gentoo-dev 2013-07-13 19:12:26 UTC
ppc64 stable
Comment 9 Agostino Sarubbo gentoo-dev 2013-07-14 14:18:43 UTC
alpha stable. Last arch, closing