Summary: | <gnome-extra/libgsf-1.14.41: Null pointer dereference in tar_directory_for_file() (CVE-2016-9888) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | gnome |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugzilla.redhat.com/show_bug.cgi?id=1403198 | ||
Whiteboard: | B3 [noglsa cve] | ||
Package list: |
=gnome-extra/libgsf-1.14.41
|
Runtime testing required: | --- |
Description
Agostino Sarubbo
2016-12-14 10:10:24 UTC
Bug 587010 isn't a strict dependency here, I don't think. The changes are minimal and a newer libgsf can be stabled independently, even if the previous stable for an arch is only 1.14.34 by the looks of it. Thoman already rushed and edited the atoms in the gnome-3.20 bug, but that's fine to keep - those that haven't done it yet, can then skip 1.14.40 automatically. Please stable =gnome-extra/libgsf-1.14.41 amd64 stable x86 stable sparc stable arm stable ppc stable Stable on alpha. ia64 stable ppc64 stable Stable for HPPA. GLSA Vote: No @ Maintainer(s): Please cleanup and drop <gnome-extra/libgsf-1.14.41! cleanup done |