Summary: | <media-libs/libvpx-1.0.0 : Denial of Service vulnerability (CVE-2012-0823) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | GLSAMaker/CVETool Bot <glsamaker> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | media-video, sven.koehler |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B3 [noglsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 401985 | ||
Bug Blocks: |
Description
GLSAMaker/CVETool Bot
2012-02-26 20:13:18 UTC
1.0.0 in tree Arches, please test and mark stable: =media-libs/libvpx-1.0.0 Target KEYWORDS : "alpha amd64 ppc x86" wowowow, i would wait for firefox to be fixed first :) (bug #401985) amd64 stable Please do not stbilize libvpx-1.0.0 before bug #401985 got fixed. (In reply to comment #1) > 1.0.0 in tree Alexis I need to know why ppc/ppc64 was drop'd before I can move forward with mozilla products. I am not gonna drop support for either arch. (In reply to comment #6) > (In reply to comment #1) > > 1.0.0 in tree > > Alexis I need to know why ppc/ppc64 was drop'd before I can move forward > with mozilla products. I am not gonna drop support for either arch. It compiles fine on ppc*, so are the rdeps (I've tested libav,ffmpeg). Marked ~ppc/~ppc64 and lifted 'vpx' use.mask. It can be used as stable candidate pending further testing along with bug 360427 ALL archs are fine to stabilize as far as mozilla products go, you will need to stabilize latest ebuild for tb/fx/sm/icecat at the same time to prevent brekage. Thanks Doesn't compile on alpha, see bug 406821. ppc done x86 done (as part of bug 408161) Stable on alpha. Thanks, folks. GLSA Vote: no. GLSA vote: not so much. Closing noglsa. |