Summary: | <sys-fs/fuse-2.8.2, <util-linux-2.17: race condition (CVE-2010-3879) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Paweł Hajdan, Jr. (RETIRED) <phajdan.jr> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | base-system, kernel-misc |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-3879 | ||
Whiteboard: | B3 [noglsa] | ||
Package list: | Runtime testing required: | --- |
Description
Paweł Hajdan, Jr. (RETIRED)
2011-01-19 19:52:16 UTC
It seems we have patched ebuilds in the tree, but if this is indeed an A3-rated vulnerability, we should issue a GLSA. (In reply to comment #1) > It seems we have patched ebuilds in the tree, but if this is indeed an A3-rated > vulnerability, we should issue a GLSA. > It looks like we have rated sys-fs/fuse as "marginal software" previously, so I am rerating B3, which requires a GLSA Vote. GLSA Vote: no. stable util-linux is 2.17.2, I think this might not relevant for us anyways. Vote: no, closing noglsa. |