Summary: | <sys-auth/polkit-0.113: Heap-corruption on duplicate ids (CVE-2015-3255) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | freedesktop-bugs |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugzilla.redhat.com/show_bug.cgi?id=1245673 | ||
Whiteboard: | A2 [glsa cve] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2015-07-23 07:40:02 UTC
Per: https://bugs.freedesktop.org/show_bug.cgi?id=83590#c7 this is fixed in 0.113... that should be ok to go to stable as explained at bug 554878 polkit-0.113 is now stable, must cleanup 0.112-r3. Arches, Thank you for your work. New GLSA Request filed. Maintainer(s), please drop the vulnerable version(s). Vulnerable ebuilds cleaned up. Maintainer(s), Thank you for your work. This issue was resolved and addressed in GLSA 201611-07 at https://security.gentoo.org/glsa/201611-07 by GLSA coordinator Aaron Bauman (b-man). |