Summary: | app-arch/bzip2 <1.0.5 CERT-FI: 20469 Buffer overread (CVE-2008-1372) | ||||||
---|---|---|---|---|---|---|---|
Product: | Gentoo Security | Reporter: | Hanno Böck <hanno> | ||||
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> | ||||
Status: | RESOLVED FIXED | ||||||
Severity: | normal | ||||||
Priority: | High | ||||||
Version: | unspecified | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
URL: | https://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html | ||||||
Whiteboard: | A3 [glsa] | ||||||
Package list: | Runtime testing required: | --- | |||||
Attachments: |
|
Description
Hanno Böck
2008-03-18 12:30:45 UTC
ive added 1.0.5 to the tree ... now if only they didnt screw up the packaging of it ... Arches, please test and mark stable: =app-arch/bzip2-1.0.5 Target keywords : "alpha amd64 arm hppa ia64 m68k mips ppc ppc64 release s390 sh sparc x86" Created attachment 146488 [details, diff]
bzip2-CERT-FI-20469.patch
Just for reference, the patch.
Sparc stable. All tests pass, it works on my files, and portage can use it. (In reply to comment #4) > Sparc stable. All tests pass, it works on my files, and portage can use it. That's odd. Ferris forgot to mark the ebuild. So er, stable for HPPA and SPARC then. :) ppc stable alpha/ia64/x86 stable amd64 stable there's no need to cc mips on security stabilization bugs. we're ~arch only. ppc64 stable Fixed in release snapshot. request filed GLSA 200804-02 |