Summary: | <sys-libs/ncurses-6.1: Stack buffer overflow vulnerability (CVE-2017-16879) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | GLSAMaker/CVETool Bot <glsamaker> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | base-system |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
See Also: | https://bugs.gentoo.org/show_bug.cgi?id=652080 | ||
Whiteboard: | A3 [glsa+ cve] | ||
Package list: |
=sys-libs/ncurses-6.1-r2
|
Runtime testing required: | Yes |
Bug Depends on: | 648114, 651302, 651494 | ||
Bug Blocks: | 624644, 625830, 651900 |
Description
GLSAMaker/CVETool Bot
2017-12-04 02:03:10 UTC
@Maintainers please call for stabilization when ready. Thank you @arches, please stabilize. amd64 stable ia64 stable ppc stable ppc64 stable x86 stable commit 1fa251eb8276ed0b1d72ca836f560f21a343c079 Author: Rolf Eike Beer <eike@sf-mail.de> Date: Tue Mar 27 20:23:43 2018 +0200 sys-libs/ncurses: stable 6.1-r2 for sparc, bug #639706 arm64 stable commit acb2cee0e20bd3943186234a8ebba17540daf7e6 Author: Jeroen Roovers <jer@gentoo.org> Date: Sat Mar 31 11:38:29 2018 +0200 sys-libs/ncurses: Stable for HPPA too. alpha stable arm stable exp arches removed. Dependent bug 651644 should not block this. GLSA request filed. (In reply to Aaron Bauman from comment #13) > exp arches removed. > > Dependent bug 651644 should not block this. > > GLSA request filed. Do not remove them at least from system-wede packages, hurts noone m68k/s390/sh stable This issue was resolved and addressed in GLSA 201804-13 at https://security.gentoo.org/glsa/201804-13 by GLSA coordinator Aaron Bauman (b-man). re-opened for cleanup/masking. @maintainer(s), please drop vulnerable. Thank you. Michael Boyle Security Padawan (In reply to Michael Boyle from comment #18) > @maintainer(s), please drop vulnerable. Thank you. > > Michael Boyle > Security Padawan Already done. See commit c94776f9bbcb5e37c8440b59770b8515bbe61bac All done, repository is clean. |