Summary: | Stabilize =sys-fs/udisks-1.0.4-r1 (CVE-2011-2709) | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Samuli Suominen (RETIRED) <ssuominen> |
Component: | [OLD] Keywording and Stabilization | Assignee: | Freedesktop bugs <freedesktop-bugs> |
Status: | RESOLVED FIXED | ||
Severity: | enhancement | Keywords: | STABLEREQ |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Samuli Suominen (RETIRED)
2011-10-01 16:35:15 UTC
amd64 ok amd64 done. Thanks Agostino x86 stable arm stable Stable for HPPA. alpha/ia64/sh/sparc stable + 10 Jan 2012; Samuli Suominen <ssuominen@gentoo.org> udisks-1.0.4-r1.ebuild: + ppc64 stable wrt #385231 + 10 Jan 2012; Brent Baude <ranger@gentoo.org> udisks-1.0.4-r1.ebuild: Marking udisks-1.0.4-r1 ppc for bug 385231 CVE-2011-2709 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2709): libgssapi and libgssglue before 0.4 do not properly check privileges, which allows local users to load untrusted configuration files and execute arbitrary code via the GSSAPI_MECH_CONF environment variable, as demonstrated using mount.nfs. |