Bug List: (This bug is not in your last search results)   Show last search results      Search page      Enter new bug
Bug#: 236521
Alias:
Product:
Component:
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Hardware:
OS:
Version:
Priority:
Severity:
Reporter: Robert Buchholz <rbu@gentoo.org>
Add CC:
CC:
Remove selected CCs
URL:
Summary:
Status Whiteboard:
Keywords:
Flags: Requestee:
 
 
  ()

Filename Description Type Creator Created Size Actions
Create a New Attachment (proposed patch, testcase, etc.) View All

Bug 236521 depends on: Show dependency tree
Bug 236521 blocks:

Additional Comments: (this is where you put emerge --info)


Not eligible to see or edit group visibility for this bug.






View Bug Activity   |   Format For Printing   |   XML   |   Clone This Bug

Description:   Opened: 2008-09-02 23:25 0000 
From ChangeLog:
2008-08-21  Antonio Diaz  <ant_diaz@teleline.es>

        * Version 1.0 released.
        * configure: Added option `--program-prefix'.
        * signal.c (strip_escapes): Buffer overflow fixed.
        * signal.c (resize_buffer): Pointer aliasing warning fixed.

base-system, please bump.

------- Comment #1 From Doug Goldstein 2008-09-03 13:31:07 0000 ------- 
Added an ebuild to the tree.

------- Comment #2 From Robert Buchholz 2008-09-03 14:01:23 0000 ------- 
Arches, please test and mark stable:
=sys-apps/ed-1.0
Target keywords : "alpha amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc x86"

------- Comment #3 From Brent Baude 2008-09-03 14:59:46 0000 ------- 
ppc and ppc64 done.

------- Comment #4 From Ferris McCormick 2008-09-03 15:34:07 0000 ------- 
Sparc stable.

------- Comment #5 From Raúl Porcel 2008-09-03 15:42:41 0000 ------- 
alpha/ia64/x86 stable

------- Comment #6 From Tobias Heinlein 2008-09-03 18:13:54 0000 ------- 
amd64 stable

------- Comment #7 From Jeroen Roovers 2008-09-03 19:55:13 0000 ------- 
Stable for HPPA.

------- Comment #8 From Robert Buchholz 2008-09-14 11:31:22 0000 ------- 
req. filed

------- Comment #9 From Pierre-Yves Rofes 2008-09-23 21:59:26 0000 ------- 
GLSA 200809-15

------- Comment #10 From Dan Wallis 2008-10-11 14:50:16 0000 ------- 
What I don't get is: why when I run "emerge --update --deep --newuse world" (or
system for that matter), sys-apps/ed is not updated, and when I run "emerge
--depclean" it's not removed. So what's installed it and why doesn't it get
updated properly? Should I raise a separate bug for this?

------- Comment #11 From Robert Buchholz 2008-10-11 15:26:51 0000 ------- 
are you certain you do not have ed 1.0 installed already? please post your
emerge --info

------- Comment #12 From Dan Wallis 2008-10-11 15:33:49 0000 ------- 
dan@huia ~ $ glsa-check -vt all 
This system is affected by the following GLSAs:
200809-15 ( GNU ed: User-assisted execution of arbitrary code ) 
dan@huia ~ $ emerge -pv1 sys-apps/ed 

These are the packages that would be merged, in order:

Calculating dependencies... done!
[ebuild     U ] sys-apps/ed-1.0 [0.8] 67 kB 

Total: 1 package (1 upgrade), Size of downloads: 67 kB
dan@huia ~ $ emerge -pvuDN world 

These are the packages that would be merged, in order:

Calculating world dependencies... done!

Total: 0 packages, Size of downloads: 0 kB
dan@huia ~ $ emerge --info 
Portage 2.1.4.5 (default-linux/x86/2007.0/desktop, gcc-4.1.2, glibc-2.6.1-r0,
2.6.25-gentoo-r7 i686)
=================================================================
System uname: 2.6.25-gentoo-r7 i686 Pentium II (Deschutes)
Timestamp of tree: Sat, 11 Oct 2008 02:45:01 +0000
app-shells/bash:     3.2_p33
dev-lang/python:     2.5.2-r7
sys-apps/baselayout: 1.12.11.1
sys-apps/sandbox:    1.2.18.1-r2
sys-devel/autoconf:  2.13, 2.61-r2
sys-devel/automake:  1.7.9-r1, 1.9.6-r2, 1.10.1-r1
sys-devel/binutils:  2.18-r3
sys-devel/gcc-config: 1.4.0-r4
sys-devel/libtool:   1.5.26
virtual/os-headers:  2.6.23-r3
ACCEPT_KEYWORDS="x86"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-O2 -march=i686 -pipe"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/fonts/fonts.conf
/etc/gconf /etc/revdep-rebuild /etc/terminfo /etc/udev/rules.d"
CXXFLAGS="-O2 -march=i686 -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="distlocks metadata-transfer sandbox sfperms strict unmerge-orphans
userfetch"
GENTOO_MIRRORS="http://gentoo.blueyonder.co.uk
http://www.mirrorservice.org/sites/www.ibiblio.org/gentoo/ "
LINGUAS="en_GB"
MAKEOPTS="-j2"
PKGDIR="/usr/portage/packages"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress
--force --whole-file --delete --stats --timeout=180 --exclude=/distfiles
--exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage"
USE="X acl acpi alsa apm bash-completion berkdb bzip2 cairo cdr cli cracklib
crypt cups dbus divx dri dvd dvdr dvdread eds emboss encode esd evo fam firefox
fortran gdbm geoip gif gpm gstreamer gtk hal iconv ipv6 isdnlog javascript jpeg
jpeg2k kerberos ldap libwww logrotate mad midi mikmod mp3 mpeg mudflap ncurses
nls nptl nptlonly nsplugin ogg opengl openmp oss pam pcre pdf perl png pppd
python qt3support quicktime readline real realmedia reflection sdl session
sound spell spl ssl svg syslog tcpd theora tiff tk truetype unicode vim-syntax
vorbis win32codecs wmp x86 xinerama xml xorg xscreensaver xv xvid zlib"
ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1
emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m
maestro3 trident usb-audio via82xx via82xx-modem ymfpci"
ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file
hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug
rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic
authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm
authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache
dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache
filter headers include info log_config logio mem_cache mime mime_magic
negotiation rewrite setenvif speling status unique_id userdir usertrack
vhost_alias" ELIBC="glibc" INPUT_DEVICES="keyboard mouse" KERNEL="linux"
LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses
text" LINGUAS="en_GB" USERLAND="GNU" VIDEO_CARDS="mach64 mga r128 radeon vesa
vga"
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LANG,
LC_ALL, LDFLAGS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS,
PORTAGE_RSYNC_EXTRA_OPTS, PORTDIR_OVERLAY

dan@huia ~ $

------- Comment #13 From Dan Wallis 2008-10-11 15:39:17 0000 ------- 
Oh, and same results for "emerge -pvuDN system" as for "emerge -pvuDN world".
Also, it's not just this one box, all my boxes have this (although I've
manually updated most of them now).

------- Comment #14 From Stefan Behte 2008-10-22 16:42:05 0000 ------- 
*** Bug 243242 has been marked as a duplicate of this bug. ***
Bug List: (This bug is not in your last search results)   Show last search results      Search page      Enter new bug