Hello, I've added the CVE patches for the .scm files and created a tarball with the resulting .c files. Otherwise build system would try to generate these with "chicken" which is not yet available during initial install. Please remove the PMASK if you approve and mask/remove all older versions. I don't want to stand responsible for this situation with known but ignored security issues. Michael
+*chicken-4.8.0.3-r1 (08 Jul 2013) + + 08 Jul 2013; Michael Weber <xmw@gentoo.org> +chicken-4.8.0.3-r1.ebuild, + +files/chicken-4.8.0.3-CVE-2013-1874.patch, + +files/chicken-4.8.0.3-CVE-2013-2024.patch, + +files/chicken-4.8.0.3-CVE-2013-2075_1.patch, + +files/chicken-4.8.0.3-CVE-2013-2075_2.patch: + Revbump to include security patches (bugs 462458, 469392, 467966) +
Thanks for the patches, Michael. I'm checking this out even now.
I have compared these patches with upstream's git repo. They look good and build clean.
Uh, not fixed yet. Now we ask the arch teams to stabilize it. Arches, please stabilize =dev-scheme/chicken-4.8.0.3-r1, target arches alpha amd64 ppc ppc64 x86. Thanks!
amd64 stable
x86 stable
ppc stable
ppc64 stable
alpha stable. Last arch, closing