Summary: | app-admin/tripwire: Format String Vulnerability | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sune Kloppenborg Jeppesen (RETIRED) <jaervosz> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | taviso |
Priority: | High | Flags: | jaervosz:
Assigned_To?
(jaervosz) |
Version: | unspecified | ||
Hardware: | All | ||
OS: | All | ||
URL: | http://www.securityfocus.com/archive/1/365036/2004-05-31/2004-06-06/0 | ||
Whiteboard: | B1[Glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Sune Kloppenborg Jeppesen (RETIRED)
2004-06-03 21:58:30 UTC
Tripwire has confirmed this vulnerability on bugtraq. ``I will endeavor to patch the sourceforge code base as soon as possible. In the meantime, it is strongly recommended that you apply Paul's patch and rebuild from source.'' Tavis please apply the supplied patch in the Bugtraq link and bump the ebuild(The patch has been approved by Tripwire). An official patch is coming out soon. But there is currently no ETA for the official fix so we better use the one Bugtraq one until then. fixed in cvs, tripwire-2.3.1.2-r1 has the patch x86 please mark stable. Target keywords: x86 Looks like the maintainer already did 8) GLSA drafted ready to go when reviewed. GLSA good to go. Koon will you do the honor along with the sitecopy GLSA? Taviso thanks for your quick resolution. Would you please also remove the vulnerable ebuild from portage? GLSA 200406-02 no problem, old ebuilds removed |