Summary: | <app-arch/lrzip-0.631_p20190619: multiple vulnerabilities (CVE-2017-{9928,9929}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Aleksandr Wagner (Kivak) <alwag> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | maintainer-needed |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
See Also: |
https://github.com/gentoo/gentoo/pull/15000 https://bugs.gentoo.org/show_bug.cgi?id=617930 https://bugs.gentoo.org/show_bug.cgi?id=655148 https://bugs.gentoo.org/show_bug.cgi?id=658008 |
||
Whiteboard: | B2 [glsa+ cve] | ||
Package list: |
app-arch/lrzip-0.631_p20190619
|
Runtime testing required: | --- |
Description
Aleksandr Wagner (Kivak)
2017-07-10 14:56:45 UTC
all fixed in master The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5847e32605457f4c68ac4f89bfaa28a9e6cfafd4 commit 5847e32605457f4c68ac4f89bfaa28a9e6cfafd4 Author: Thomas Deutschmann <whissi@gentoo.org> AuthorDate: 2019-10-26 23:35:49 +0000 Commit: Thomas Deutschmann <whissi@gentoo.org> CommitDate: 2019-10-26 23:35:49 +0000 app-arch/lrzip: bump to v0.631_p20190619 Bug: https://bugs.gentoo.org/624462 Package-Manager: Portage-2.3.78, Repoman-2.3.17 Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> app-arch/lrzip/Manifest | 1 + app-arch/lrzip/lrzip-0.631_p20190619.ebuild | 50 +++++++++++++++++++++++++++++ 2 files changed, 51 insertions(+) x86 stable amd64 stable Looking good on ppc. # cat lrzip-624462.report USE tests started on Do 31. Okt 00:08:56 CET 2019 FEATURES=' test' USE='' succeeded for =app-arch/lrzip-0.631_p20190619 USE='-static-libs' succeeded for =app-arch/lrzip-0.631_p20190619 USE='static-libs' succeeded for =app-arch/lrzip-0.631_p20190619 arm stable Looking good on ppc64. # cat lrzip-624462.report USE tests started on Do 31. Okt 18:52:56 CET 2019 FEATURES=' test' USE='' succeeded for =app-arch/lrzip-0.631_p20190619 USE='-static-libs' succeeded for =app-arch/lrzip-0.631_p20190619 USE='static-libs' succeeded for =app-arch/lrzip-0.631_p20190619 revdep tests started on Do 31. Okt 18:58:17 CET 2019 FEATURES=' test' USE='' succeeded for mail-filter/amavisd-new ppc/ppc64 stable thanks to ernsteiswuerfel! arm64 stable hppa and sparc stable (last arches). The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=aa1bb661056944dbd337445144911fab166a0e78 commit aa1bb661056944dbd337445144911fab166a0e78 Author: Sam James (sam_c) <sam@cmpct.info> AuthorDate: 2020-03-18 03:09:05 +0000 Commit: Thomas Deutschmann <whissi@gentoo.org> CommitDate: 2020-03-19 19:09:18 +0000 app-arch/lrzip: security cleanup (bug #624462) Dropping old versions; new fixed version has long since been stabilised. Bug: https://bugs.gentoo.org/624462 Signed-off-by: Sam James (sam_c) <sam@cmpct.info> Closes: https://github.com/gentoo/gentoo/pull/15000 Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> app-arch/lrzip/Manifest | 2 -- app-arch/lrzip/lrzip-0.621.ebuild | 35 --------------------------------- app-arch/lrzip/lrzip-0.631-r1.ebuild | 38 ------------------------------------ 3 files changed, 75 deletions(-) Tree is clean! Resetting sanity check; keywords are not fully specified and arches are not CC-ed. This issue was resolved and addressed in GLSA 202005-01 at https://security.gentoo.org/glsa/202005-01 by GLSA coordinator Thomas Deutschmann (whissi). |