First Last Prev Next    No search results available      Search page      Enter new bug
Bug#: 189536
Alias:
Product:
Component:
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Hardware:
OS:
Version:
Priority:
Severity:
Reporter: Raphael Marichez <falco@gentoo.org>
Add CC:
CC:
Remove selected CCs
URL:
Summary:
Status Whiteboard:
Keywords:
Flags: Requestee:
 
 
  ()

Filename Description Type Creator Created Size Actions
Create a New Attachment (proposed patch, testcase, etc.) View All

Bug 189536 depends on: Show dependency tree
Bug 189536 blocks: 165270

Additional Comments: (this is where you put emerge --info)


Not eligible to see or edit group visibility for this bug.






View Bug Activity   |   Format For Printing   |   XML   |   Clone This Bug

Description:   Opened: 2007-08-19 22:12 0000 
Hi,

unless i'm wrong, the emulation-Qt is also concerned by the format string
vulnerabilities described in CVE-2007-3388. 

See bug 185446 for further discussion and patch.

------- Comment #1 From Pierre-Yves Rofes 2007-09-08 16:06:45 0000 ------- 
maintainers, please provide fixed ebuild.

------- Comment #2 From Mike Doty 2007-11-14 07:24:13 0000 ------- 
app-emulation/emul-linux-x86-qtlibs-20071114 in tree ~amd64 + p.masked.  This
was produced with a new build system.  We intend for these ebuilds to go stable
in time for releng(really soon)

------- Comment #3 From Togge 2007-11-16 19:39:38 0000 ------- 
--- amd64 ---
app-emulation/emul-linux-x86-qtlibs-20071114 - USE:

1: emerges
2: passes collision-protect, (multilib-)strict, test
3: works (tested with Opera)

Portage 2.1.3.19 (default-linux/amd64/2007.0/desktop, gcc-4.1.2,
glibc-2.6.1-r0, 2.6.22-gentoo-r9 x86_64)
=================================================================
System uname: 2.6.22-gentoo-r9 x86_64 AMD Athlon(tm) 64 X2 Dual Core Processor
4200+
Timestamp of tree: Unknown
ccache version 2.4 [enabled]
app-shells/bash:     3.2_p17
dev-java/java-config: 1.3.7, 2.0.33-r1
dev-lang/python:     2.4.4-r6
dev-python/pycrypto: 2.0.1-r6
dev-util/ccache:     2.4-r7
sys-apps/baselayout: 1.12.9-r2
sys-apps/sandbox:    1.2.18.1-r2
sys-devel/autoconf:  2.13, 2.61-r1
sys-devel/automake:  1.4_p6, 1.5, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10
sys-devel/binutils:  2.18-r1
sys-devel/gcc-config: 1.3.16
sys-devel/libtool:   1.5.24
virtual/os-headers:  2.6.22-r2
ACCEPT_KEYWORDS="amd64"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-O2 -ggdb -march=athlon64 -pipe"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config
/usr/kde/3.5/shutdown /usr/share/X11/xkb /usr/share/config"
CONFIG_PROTECT_MASK="/etc/env.d /etc/env.d/java/ /etc/gconf /etc/init.d
/etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/
/etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/terminfo
/etc/texmf/web2c /etc/udev/rules.d"
CXXFLAGS="-O2 -ggdb -march=athlon64 -pipe"
DISTDIR="/tmp/portage"
FEATURES="ccache collision-protect distlocks metadata-transfer multilib-strict
parallel-fetch sandbox sfperms splitdebug strict unmerge-orphans userfetch"
GENTOO_MIRRORS="http://ds.thn.htu.se/linux/gentoo              
http://ftp.belnet.be/mirror/rsync.gentoo.org/gentoo/           
http://ftp-stud.fht-esslingen.de/pub/Mirrors/gentoo/           
http://mirror.switch.ch/mirror/gentoo/        
http://trumpetti.atm.tut.fi/gentoo/"
LANG="en_US.utf-8"
LINGUAS="en sv"
MAKEOPTS="-j3"
PKGDIR="/tmp/packages"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress
--force --whole-file --delete --delete-after --stats --timeout=180
--exclude=/distfiles --exclude=/local --exclude=/packages
--filter=H_**/files/digest-*"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/portage/local/private"
SYNC="rsync://dx/gentoo-portage"
USE="3dnow 3dnowext X a52 aac acpi aiglx alsa amd64 apache2 arts asf avi
bash-completion berkdb bitmap-fonts branding browserplugin cairo ccache cdr cli
cpudetection cracklib crypt cscope css cups cvs dbus divx divx4linux dlloader
dri dvd dvdr dvdread eds emboss encode esd evo fam ffmpeg firefox flac
foomaticdb fortran freetype gdbm geoip gif gimp gmedia gnokii gnome gpm
gstreamer gtk hal http iconv ieee1394 imap imlib ipv6 isdnlog java javascript
jfs jpeg kde kdeenablefinal kdehiddenvisibility kdepim kerberos logitech-mouse
mad madwifi maildir midi mikmod mmx mmx2 mmxext mono mozbranding moznopango
mozsvg mp3 mpeg mplayer msn mudflap mysql ncurses nls nptl nptlonly nsplugin
ntfs nvidia obex ogg oggvorbis opengl openmp oss pam pcre pdf pdflib perl png
pppd python qt qt3 qt3support qt4 quicktime readline realmedia reflection
reiserfs samba scanner sdl session spell spl sse sse2 ssl subversion svg
symlink tcpd tetex theora threads tiff truetype truetype-fonts type1-fonts udev
unicode usb v4l v4l2 vim-syntax vim-with-x visualization vorbis wifi wmf wmp
wxwindows xcomposite xface xfs xine xinerama xml xorg xosd xpm xprint xv xvid
zlib" ALSA_CARDS="emu10k1" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare
dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw
multi null plug rate route share shm softvol" ELIBC="glibc"
INPUT_DEVICES="mouse keyboard evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz
cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en sv"
USERLAND="GNU" VIDEO_CARDS="nv nvidia"
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LC_ALL, LDFLAGS,
PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS

------- Comment #4 From Mike Doty 2007-11-26 04:24:55 0000 ------- 
20071114-r2 stable, sec team do your thing...

------- Comment #5 From Robert Buchholz 2007-12-02 12:28:17 0000 ------- 
GLSA request filed.

------- Comment #6 From Pierre-Yves Rofes 2007-12-09 22:03:33 0000 ------- 
GLSA 200712-08
First Last Prev Next    No search results available      Search page      Enter new bug