48448 – net-misc/neon-0.24.4: Multiple format string vulnerabilities in neon 0.24.4 and earlier.

Bug 48448 - net-misc/neon-0.24.4: Multiple format string vulnerabilities in neon 0.24.4 and earlier.

Summary: net-misc/neon-0.24.4: Multiple format string vulnerabilities in neon 0.24.4 a...

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	GLSA Errors (show other bugs)
Hardware:	All Linux

Importance:	Highest blocker (vote)
Assignee:	Gentoo Security

URL:	http://cve.mitre.org/cgi-bin/cvename....
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2004-04-20 03:53 UTC by Jani Averbach
Modified:	2004-05-09 10:45 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Jani Averbach 2004-04-20 03:53:19 UTC

There is a new version of neon (0.24.5) out there.
I just copied neon-0.24.4.ebuild -> neon-0.24.5.ebuild, and upgrade
went without hitch (amd64).

http://www.webdav.org/neon/


Reproducible: Always
Steps to Reproduce:

Comment 1 Kurt Lieber (RETIRED) gentoo-dev

2004-04-20 03:57:07 UTC

Paul -- Mind looking at this and bumping as necessary?

Comment 2 Kurt Lieber (RETIRED) gentoo-dev

2004-04-20 04:10:03 UTC

glsa drafted for this in case we end up needing it.

Comment 3 Paul de Vrieze (RETIRED) gentoo-dev

2004-04-27 01:14:44 UTC

I'm now working on the updated version. Get ready for the GLSA

Comment 4 Paul de Vrieze (RETIRED) gentoo-dev

2004-04-27 01:21:33 UTC

I've just committed 0.24.5 which is supposed to be safe, so please release a GLSA

Comment 5 Thierry Carrez (RETIRED) gentoo-dev

2004-04-27 01:29:55 UTC

Thanks Paul.
This is GLSA-ready. klieber: I reviewed your draft, it's OK for me.
-K

Comment 6 Thierry Carrez (RETIRED) gentoo-dev

2004-05-09 10:45:35 UTC

GLSA 200405-01