Summary: | <media-libs/libexif-0.6.22_p20201105: Multiple vulnerabilities (CVE-2020-{0181,0198,0452}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | maintainer-needed |
Priority: | Normal | Keywords: | PullRequest |
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
See Also: | https://github.com/gentoo/gentoo/pull/18828 | ||
Whiteboard: | A2 [glsa+ cve] | ||
Package list: | Runtime testing required: | --- |
Description
Sam James
2020-11-15 09:14:09 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2a59b09f96fe636adc1fa857c1fa7d52d6c6f28b commit 2a59b09f96fe636adc1fa857c1fa7d52d6c6f28b Author: Sam James <sam@gentoo.org> AuthorDate: 2020-11-15 09:24:15 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2020-11-15 09:24:24 +0000 media-libs/libexif: security bump to 20201105 snapshot Bug: https://bugs.gentoo.org/754681 Package-Manager: Portage-3.0.8, Repoman-3.0.2 Signed-off-by: Sam James <sam@gentoo.org> media-libs/libexif/Manifest | 1 + media-libs/libexif/libexif-0.6.22_p20201105.ebuild | 55 ++++++++++++++++++++++ 2 files changed, 56 insertions(+) Unable to check for sanity:
> no match for package: media-libs/libexif-20201105
>>> Configuring source in /tmp/portage/media-libs/libexif-0.6.22_p20201105/work/libexif-9266d14b5ca4e29b970fa03272318e5f99386e06 ...
* abi_x86_32.x86: running multilib-minimal_abi_src_configure
* ERROR: media-libs/libexif-0.6.22_p20201105::gentoo failed (configure phase):
* no configure script found
*
* Call stack:
* ebuild.sh, line 125: Called src_configure
* environment, line 1633: Called multilib-minimal_src_configure
* environment, line 1085: Called multilib_foreach_abi 'multilib-minimal_abi_src_configure'
* environment, line 1338: Called multibuild_foreach_variant '_multilib_multibuild_wrapper' 'multilib-minimal_abi_src_configure'
* environment, line 1015: Called _multibuild_run '_multilib_multibuild_wrapper' 'multilib-minimal_abi_src_configure'
* environment, line 1013: Called _multilib_multibuild_wrapper 'multilib-minimal_abi_src_configure'
* environment, line 400: Called multilib-minimal_abi_src_configure
* environment, line 1079: Called multilib_src_configure
*
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4487f6ef155fc063b80ca2c6fa56f02d1436d11b commit 4487f6ef155fc063b80ca2c6fa56f02d1436d11b Author: Sam James <sam@gentoo.org> AuthorDate: 2020-11-15 10:41:37 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2020-11-15 10:41:37 +0000 media-libs/libexif: fix multilib build Bug: https://bugs.gentoo.org/754681 Package-Manager: Portage-3.0.8, Repoman-3.0.2 Signed-off-by: Sam James <sam@gentoo.org> media-libs/libexif/libexif-0.6.22_p20201105.ebuild | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) (In reply to Ivan Grynko from comment #3) > >>> Configuring source in /tmp/portage/media-libs/libexif-0.6.22_p20201105/work/libexif-9266d14b5ca4e29b970fa03272318e5f99386e06 ... > * abi_x86_32.x86: running multilib-minimal_abi_src_configure > * ERROR: media-libs/libexif-0.6.22_p20201105::gentoo failed (configure > phase): > * no configure script found Thanks to both you and josef64! amd64 done arm64 done arm done arm done This issue was resolved and addressed in GLSA 202011-19 at https://security.gentoo.org/glsa/202011-19 by GLSA coordinator Aaron Bauman (b-man). re-opened for final arches and cleanup. sparc done ppc done ppc64 stable x86 done hppa stable Please cleanup. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f4b670bf10be44aa2a4108c8e0bb79662aa2421c commit f4b670bf10be44aa2a4108c8e0bb79662aa2421c Author: John Helmert III <jchelmert3@posteo.net> AuthorDate: 2020-12-27 08:51:06 +0000 Commit: Andreas Sturmlechner <asturm@gentoo.org> CommitDate: 2020-12-27 09:29:03 +0000 media-libs/libexif: security cleanup (drop <0.6.22_p20201105) Bug: https://bugs.gentoo.org/754681 Package-Manager: Portage-3.0.12, Repoman-3.0.2 Signed-off-by: John Helmert III <jchelmert3@posteo.net> Closes: https://github.com/gentoo/gentoo/pull/18828 Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org> media-libs/libexif/Manifest | 1 - media-libs/libexif/libexif-0.6.22.ebuild | 49 -------------------------------- 2 files changed, 50 deletions(-) Tree is clean, all done! |