Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 502270 (CVE-2014-2655)

Summary: <www-apps/postfixadmin-2.3.7: SQL injection (CVE-2014-2655)
Product: Gentoo Security Reporter: tanstaafl <tanstaafl>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: minor CC: ago, artem, sdamashek, web-apps
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: B3 [noglsa]
Package list:
Runtime testing required: ---

Description tanstaafl@libertytrek.org 2014-02-23 19:02:10 UTC 
The next release of postfixadmin is released and ready for general consumption

Reproducible: Always
Comment 1 Artem Sidorenko 2014-03-11 18:47:05 UTC 
2.3.7 has a security SQL injection fix, see changelog http://sourceforge.net/projects/postfixadmin/files/postfixadmin/postfixadmin-2.3.7/
Comment 2 tanstaafl@libertytrek.org 2014-03-12 13:16:23 UTC 
Any chance that bug 459144 can get fixed in the process of adding the new release?

As always, thanks guys!
Comment 3 Samuel Damashek (RETIRED) gentoo-dev 2014-03-22 16:36:50 UTC 
@arches, please stabilize:
www-apps/postfixadmin-2.3.7

target arches:
amd64 x86
Comment 4 Agostino Sarubbo gentoo-dev 2014-03-22 20:16:24 UTC 
amd64 stable
Comment 5 Agostino Sarubbo gentoo-dev 2014-03-22 20:17:41 UTC 
x86 stable.

Maintainer(s), please cleanup.
Security, please vote.
Comment 6 Samuel Damashek (RETIRED) gentoo-dev 2014-03-22 20:21:07 UTC 
Removed <www-apps/postfixadmin-2.3.7.
Comment 7 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2014-03-22 21:28:12 UTC 
GLSA vote: no.
Comment 8 Sergey Popov gentoo-dev 2014-06-13 22:07:32 UTC 
GLSA vote: no

Closing noglsa
Comment 9 Sergey Popov gentoo-dev 2014-06-13 22:08:19 UTC 
*** Bug 505940 has been marked as a duplicate of this bug. ***