Summary: | <media-gfx/blender-2.72b-r3: LZO Denial of Service and Arbitrary Code Execution through embedded code | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Yury German <blueknight> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | trivial | CC: | hasufell, lu_zero |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://seclists.org/oss-sec/2014/q2/676 | ||
Whiteboard: | ~3 [noglsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 515246 |
Description
Yury German
2014-06-27 01:02:17 UTC
+*blender-2.71-r2 (27 Sep 2014) + + 27 Sep 2014; Julian Ospald <hasufell@gentoo.org> +blender-2.71-r2.ebuild, + +files/04-blender-2.71-r2-unbundle-glog.patch, + +files/09-blender-2.72-unbundle-minilzo.patch: + re-add 2.71 with fixed Manifest wrt #523328 and unbundle minilzo wrt #515266 +*blender-2.72-r1 (27 Sep 2014) + + 27 Sep 2014; Julian Ospald <hasufell@gentoo.org> -blender-2.72.ebuild, + +blender-2.72-r1.ebuild: + unbundle minilzo wrt #515266 + 16 Dec 2014; Julian Ospald <hasufell@gentoo.org> -blender-2.69-r1.ebuild, + -blender-2.71-r2.ebuild, -blender-2.72-r1.ebuild, + -files/07-blender-2.68-sse2.patch, + -files/02-blender-2.68-unbundle-colamd.patch, + -files/05-blender-2.68-unbundle-eigen3.patch, + -files/04-blender-2.68-unbundle-glog.patch, + -files/04-blender-2.71-r2-unbundle-glog.patch, + -files/09-blender-2.72-unbundle-minilzo.patch: + rm old why is this bug still open? Per previous comments maintainer has fixed the upstream LZO issue and the in tree package. |