First Last Prev Next    No search results available      Search page      Enter new bug
Bug#: 136759
Alias:
Product:
Component:
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Hardware:
OS:
Version:
Priority:
Severity:
Reporter: Sune Kloppenborg Jeppesen <jaervosz@gentoo.org>
Add CC:
CC:
Remove selected CCs
URL:
Summary:
Status Whiteboard:
Keywords:
Flags: Requestee:
 
 
  ()

Filename Description Type Creator Created Size Actions
Create a New Attachment (proposed patch, testcase, etc.) View All

Bug 136759 depends on: Show dependency tree
Bug 136759 blocks:

Additional Comments: (this is where you put emerge --info)


Not eligible to see or edit group visibility for this bug.






View Bug Activity   |   Format For Printing   |   XML   |   Clone This Bug

Description:   Opened: 2006-06-14 03:59 0000 
From 0.2.3 ChangeLog:

Fixed an integer overflow bug (CVE-2006-2197)

------- Comment #1 From Wolf Giesen (RETIRED) 2006-06-14 04:12:32 0000 ------- 
Just thinking loud: Abiword seems to depend on wv [not wv2], any info on
whether that is affected, too?

------- Comment #2 From Martin Ehmsen (RETIRED) 2006-06-14 04:33:17 0000 ------- 
text-markup absorbs it (seems easy to maintain and useful).
I have version bumped it and added text-markup to metadata.

Arch teams please stabilize this (the only change since 0.2.2 is some tabbing
stuff and a Solaris / Sun C++ 5.5 patch, aside from the security fix).

------- Comment #3 From Jon Hood (RETIRED) 2006-06-14 06:26:16 0000 ------- 
stable amd64

------- Comment #4 From Tobias Scherbaum 2006-06-14 11:04:13 0000 ------- 
ppc stable

------- Comment #5 From Gustavo Zacarias (RETIRED) 2006-06-14 11:30:07 0000 ------- 
sparc sparc!

------- Comment #6 From Thomas Cort (RETIRED) 2006-06-14 19:11:24 0000 ------- 
alpha stable.

------- Comment #7 From Markus Rothe 2006-06-15 00:01:46 0000 ------- 
stable on ppc64

------- Comment #8 From Martin Ehmsen (RETIRED) 2006-06-20 02:20:13 0000 ------- 
This seems to have slowed down a bit... can we please have som input from x86
and ia64?

------- Comment #9 From Carsten Lohrke 2006-06-21 03:59:48 0000 ------- 
stable on x86

------- Comment #10 From Chris Gianelloni (RETIRED) 2006-06-21 07:31:47 0000 ------- 
Removing x86... I'd really appreciate it if people outside the x86 team would
allow us to actually do our jobs on these bugs.  It's rather frustrating to see
that since Halcy0n has left that we now have some people going around and just
stabilizing whatever they feel like it because they think we're being too slow.
 Unfortunately, the number of active people on the x86 team has dropped since
his leaving the project.  Don't go around countermining all of the work that he
did for the project by subverting our policies just because he's not around to
complain to you.

------- Comment #11 From Stefan Cornelius (RETIRED) 2006-06-21 08:45:59 0000 ------- 
"You have to specify a comment on this change. Please explain your change."
-> baah. ready for glsa.

------- Comment #12 From Carsten Lohrke 2006-06-21 09:19:11 0000 ------- 
(In reply to comment #10)
> Removing x86... I'd really appreciate it if people outside the x86 team would
> allow us to actually do our jobs on these bugs.

I am listed as member of the x86 team. I do only act, if I notice an ebuild I
do maintain or an dependency of it needs to go stable and no one else of the
x86 team does, though.

------- Comment #13 From Joshua Jackson 2006-06-21 09:50:16 0000 ------- 
Herd:             x86
Email:            x86@gentoo.org
Description:      Gentoo/x86 team
Developers(16):   allanonjl antarus* betelgeuse* chriswhite* compnerd fuzzyray
                  halcy0n* hparker kloeri mkay* nelchael s4t4n* ticho tove
                  tsunam wolf31o2


Hate to tell you carlo but you are not a member of the x86 team and therefore
not approved to go stablizing stuff on the herds behalf unless we authorize you
to do so. As the only real exceptions that we've allowed are for specific
hardware that no member of the team has. We are always looking for dedicated
developers who don't just want to join the herd to avoid having to deal with
the team. We also mandate a certain amount of bugs done per the guidelines of
the team, which is checked on to make sure that we don't need to send out
warnings.

------- Comment #14 From Carsten Lohrke 2006-06-21 15:46:01 0000 ------- 
(In reply to comment #13)
> Hate to tell you carlo...

Then it had been missed to add me to the list. I joined shortly after the x86
herd has been formed.

------- Comment #15 From Stefan Cornelius (RETIRED) 2006-06-23 08:19:16 0000 ------- 
GLSA 200606-24

Thanks everybody
First Last Prev Next    No search results available      Search page      Enter new bug