Summary: | app-accessibility/emacspeak <29.0 extract-table.pl Insecure temporary file creation (CVE-2008-4191) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Robert Buchholz (RETIRED) <rbu> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | accessibility, williamh |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4191 | ||
Whiteboard: | B3 [noglsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 235770 |
Description
Robert Buchholz (RETIRED)
2008-09-24 15:42:38 UTC
I have emailed upstream to ask about this issue; I am waiting for a response. All, Upstream has notified me that this is fixed in their svn repository. Should I do an svn snapshot or wait until upstream does another release? 29.0 is out, please bump. All, emacspeak 29.0 is now in the tree. Should I remove the older versions immediately in this situation? This also affected our stable 24. William, is 29.0 ok to go stable? You can simply remove the ~arch versions now and the arch ebuild once we pushed the latest version to stable. All, I just did a quick test on 29.0, and let's go ahead and push it to stable. Thanks, William Adding arches. ppc and x86, please stabilize this on your arch. Thanks, William This call is for =app-accessibility/emacspeak-29.0 ppc stable x86 stable, all arches done. Ready for voting, I vote NO. i vote no too. Feel free to reopen if you disagree. |