Bug List: (This bug is not in your last search results)   Show last search results      Search page      Enter new bug
Bug#: 212488
Alias:
Product:
Component:
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Hardware:
OS:
Version:
Priority:
Severity:
Reporter: Luca Barbato <lu_zero@gentoo.org>
Add CC:
CC:
Remove selected CCs
URL:
Summary:
Status Whiteboard:
Keywords:
Flags: Requestee:
 
 
  ()

Filename Description Type Creator Created Size Actions
Create a New Attachment (proposed patch, testcase, etc.) View All

Bug 212488 depends on: Show dependency tree
Bug 212488 blocks:

Additional Comments: (this is where you put emerge --info)


Not eligible to see or edit group visibility for this bug.






View Bug Activity   |   Format For Printing   |   XML   |   Clone This Bug

Description:   Opened: 2008-03-06 13:57 0000 
"1.4.4 is a security fix release. All installations of Roundup are strongly
encouraged to update."

just bumping the ebuild should do.

------- Comment #1 From Benedikt Böhm 2008-03-07 10:47:37 0000 ------- 
in cvs, please stabilize

------- Comment #2 From Ferris McCormick 2008-03-07 13:42:35 0000 ------- 
Sparc stable.  Quick test using roundup-demo went as expected.

------- Comment #3 From Christian Faulhammer 2008-03-07 16:07:55 0000 ------- 
x86 stable

------- Comment #4 From Tobias Scherbaum 2008-03-09 06:47:08 0000 ------- 
ppc stable, ready for glsa voting.

------- Comment #5 From Peter Volkov 2008-03-09 10:11:15 0000 ------- 
amd64 stable, too and now it's really ready for glsa.

------- Comment #6 From Peter Volkov 2008-03-09 10:23:27 0000 ------- 
Fixed in release snapshot.

------- Comment #7 From Tobias Heinlein 2008-03-11 17:27:33 0000 ------- 
Ready for vote.

I vote NO.

------- Comment #8 From Pierre-Yves Rofes 2008-03-11 21:39:34 0000 ------- 
NO too, and closing.

------- Comment #9 From Robert Buchholz 2008-03-12 02:12:58 0000 ------- 
Did anyone actually check what the vulnerability was?

------- Comment #10 From Lars Hartmann 2008-03-25 08:31:07 0000 ------- 
can someone please add CVE-2008-1474 to the topic?

------- Comment #11 From Robert Buchholz 2008-04-24 00:01:59 0000 ------- 
Just for reference, Debian reported these as Cross-site scripting.
Bug List: (This bug is not in your last search results)   Show last search results      Search page      Enter new bug