Bug List: (This bug is not in your last search results)   Show last search results      Search page      Enter new bug
Bug#: 168584
Alias:
Product:
Component:
Status: RESOLVED
Resolution: WONTFIX
Assigned To: Gentoo Security <security@gentoo.org>
Hardware:
OS:
Version:
Priority:
Severity:
Reporter: Raphael Marichez <falco@gentoo.org>
Add CC:
CC:
Remove selected CCs
URL:
Summary:
Status Whiteboard:
Keywords:
Flags: Requestee:
 
 
  ()

Filename Description Type Creator Created Size Actions
patch-lib::sshfilexfer::sshfilexfers.c patch-lib::sshfilexfer::sshfilexfers.c patch Robert Buchholz 2007-10-09 22:13 0000 1.13 KB Details | Diff
Create a New Attachment (proposed patch, testcase, etc.) View All

Bug 168584 depends on: 139969 Show dependency tree
Bug 168584 blocks:

Additional Comments: (this is where you put emerge --info)


Not eligible to see or edit group visibility for this bug.






View Bug Activity   |   Format For Printing   |   XML   |   Clone This Bug

Description:   Opened: 2007-02-27 15:07 0000 
Hi,

there has been a vulnerability since early 2006 for that package with upstream
dead.

This package is p.pasked waiting for a solution.

------- Comment #1 From Raphael Marichez 2007-02-27 15:09:10 0000 ------- 
calling a vote for a maskglsa, i vote yes since it seems, according to
HumpBack, that there are actually some users using it.

------- Comment #2 From Matthias Geerdsen 2007-03-05 21:03:08 0000 ------- 
agreed

------- Comment #3 From Gustavo Felisberto 2007-04-15 17:25:37 0000 ------- 
It seems *BSD has a possible fix: http://www.freshports.org/security/ssh2/

------- Comment #4 From Christian Faulhammer 2007-09-08 22:52:38 0000 ------- 
(In reply to comment #3)
> It seems *BSD has a possible fix: http://www.freshports.org/security/ssh2/

 So will you apply it or will it be masked and removed eventually?

------- Comment #5 From Raphael Marichez 2007-10-08 07:09:37 0000 ------- 
FYI it was GLSA 200703-13

------- Comment #6 From Robert Buchholz 2007-10-09 22:13:17 0000 ------- 
Created an attachment (id=133031) [details]
patch-lib::sshfilexfer::sshfilexfers.c

Patch as shipped by FreeBSD

------- Comment #7 From Robert Buchholz 2007-10-09 22:15:11 0000 ------- 
Humpback, the patch looks really simple. Please review and apply, then we could
unmask this again.

------- Comment #8 From Gustavo Felisberto 2007-10-10 13:50:34 0000 ------- 
Removed older -r1 and added keyworded -r2 that has the patch. You guys are free
to unmask it as soon as the glsa is announced.

------- Comment #9 From Jeremy Olexa (darkside) 2008-11-20 04:50:01 0000 ------- 
removed from tree -> WONTFIX
Bug List: (This bug is not in your last search results)   Show last search results      Search page      Enter new bug