Summary: | <net-misc/vino-2.32.2: Denial of Service Vulnerabilities (CVE-2011-{0904,0905}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Tim Sammut (RETIRED) <underling> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | alexanderyt, gnome |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | A3 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Tim Sammut (RETIRED)
2011-05-10 04:49:42 UTC
IIRC that's what the 2.32.2 release was for and it already is in tree. Unless there's something more we are good to go. (In reply to comment #1) > IIRC that's what the 2.32.2 release was for and it already is in tree. Unless > there's something more we are good to go. Ok, I am a little confused. https://bugzilla.gnome.org/show_bug.cgi?id=641802#c10 says this is fixed in a 2.32.3 version, but comparing the fix at http://bugzilla-attachments.gnome.org/attachment.cgi?id=186688 to the source from our 2.32.2 we look to include the fixed code. Alright, can we stabilize =net-misc/vino-2.32.2? (In reply to comment #2) > (In reply to comment #1) > > IIRC that's what the 2.32.2 release was for and it already is in tree. Unless > > there's something more we are good to go. > > Ok, I am a little confused. > https://bugzilla.gnome.org/show_bug.cgi?id=641802#c10 says this is fixed in a > 2.32.3 version, but comparing the fix at > http://bugzilla-attachments.gnome.org/attachment.cgi?id=186688 to the source > from our 2.32.2 we look to include the fixed code. > > Alright, can we stabilize =net-misc/vino-2.32.2? Latest is 2.32.2[1]. That should be stabilized. 1. http://ftp.acc.umu.se/pub/GNOME/sources/vino/2.32/ (In reply to comment #3) > > Latest is 2.32.2[1]. That should be stabilized. > Cool, thanks. Arches, please test and mark stable: =net-misc/vino-2.32.2 Target keywords : "alpha amd64 arm ia64 ppc ppc64 sparc x86" amd64 ok amd64 stable ppc/ppc64 stable x86 stable alpha/arm/ia64/sparc stable Thanks, everyone. GLSA request filed. This issue was resolved and addressed in GLSA 201412-09 at http://security.gentoo.org/glsa/glsa-201412-09.xml by GLSA coordinator Sean Amoss (ackle). |