Bug List: (This bug is not in your last search results)   Show last search results      Search page      Enter new bug
Bug#: 61797
Alias:
Product:
Component:
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Hardware:
OS:
Version:
Priority:
Severity:
Reporter: Wolfram Schlich <wschlich@gentoo.org>
Add CC:
CC:
Remove selected CCs
URL:
Summary:
Status Whiteboard:
Keywords:
Flags: Requestee:
 
 
  ()

Filename Description Type Creator Created Size Actions
Create a New Attachment (proposed patch, testcase, etc.) View All

Bug 61797 depends on: Show dependency tree
Bug 61797 blocks:
Votes: 0    Show votes for this bug    Vote for this bug

Additional Comments: (this is where you put emerge --info)


Not eligible to see or edit group visibility for this bug.






View Bug Activity   |   Format For Printing   |   XML   |   Clone This Bug

Description:   Opened: 2004-08-26 05:50 0000 
--8<--
A problem exists for all star versions that
did support to use ssh for remote tape access.

The problem is present in star-1.5a09 ... star-1.5a45

Please upgrade to star-1.5a46
--8<--
The latest version available in portage is app-arch/star-1.5_alpha43.
It should be noted that star currently is not SUID by default.

------- Comment #1 From Sune Kloppenborg Jeppesen 2004-08-26 06:46:42 0000 ------- 
lostlogic you bumped last time please bump to latest version.

Currently no more info on the issue.

------- Comment #2 From Sune Kloppenborg Jeppesen 2004-08-28 15:31:13 0000 ------- 
Bump compiles fine.

------- Comment #3 From solar 2004-08-31 01:31:03 0000 ------- 
ebuild bumped to star-1.5_alpha46 (Runtime needs testing)

------- Comment #4 From Sune Kloppenborg Jeppesen 2004-08-31 01:43:42 0000 ------- 
Arches please test and mark stable.

------- Comment #5 From Gustavo Zacarias (RETIRED) 2004-08-31 05:43:10 0000 ------- 
Sparc tasty.

------- Comment #6 From Bryan Østergaard (RETIRED) 2004-08-31 16:24:56 0000 ------- 
Stable on alpha.

------- Comment #7 From Jochen Maes (RETIRED) 2004-09-01 13:48:55 0000 ------- 
tested and stable on ppc


greetings

------- Comment #8 From Thierry Carrez (RETIRED) 2004-09-02 01:00:17 0000 ------- 
Reassigning Product/Component as this is not a GLSA error, it's a security bug.

------- Comment #9 From Travis Tilley (RETIRED) 2004-09-02 01:54:58 0000 ------- 
stable on amd64

------- Comment #10 From Sune Kloppenborg Jeppesen 2004-09-05 03:20:06 0000 ------- 
Local priv escalation.

x86 please mark stable

------- Comment #11 From Tim Yamin (RETIRED) 2004-09-06 11:03:01 0000 ------- 
Stable on IA64.

------- Comment #12 From Olivier Crete 2004-09-07 13:57:09 0000 ------- 
stable on x86

------- Comment #13 From Thierry Carrez (RETIRED) 2004-09-07 14:00:53 0000 ------- 
GLSA-ready

------- Comment #14 From SpanKY 2004-09-07 21:36:06 0000 ------- 
hppa stable now

------- Comment #15 From Thierry Carrez (RETIRED) 2004-09-08 00:54:35 0000 ------- 
GLSA 200409-11

------- Comment #16 From solar 2006-05-29 17:23:56 0000 ------- 
The GLSA sent our for this bug has an error

      <unaffected range="ge">star-1.5_alpha46</unaffected>
      <vulnerable range="lt">star-1.5_alpha46</vulnerable>

Should read:

      <unaffected range="ge">1.5_alpha46</unaffected>
      <vulnerable range="lt">1.5_alpha46</vulnerable>

Ref:
http://www.gentoo.org/security/en/glsa/glsa-200409-11.xml?passthru=1

------- Comment #17 From Stefan Cornelius (RETIRED) 2006-05-30 02:42:12 0000 ------- 
Thanks Kugelfang/solar. Should be fixed in the tree.
Bug List: (This bug is not in your last search results)   Show last search results      Search page      Enter new bug