CVE-2017-1000215 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-1000215): ROOT xrootd version 4.6.0 and below is vulnerable to an unauthenticated shell command injection resulting in remote code execution
@Maintainers please call for stabilization when ready. Thank you
@arches, please stabilize.
amd64 stable
x86 stable
Arches and Maintainer(s), Thank you for your work. New GLSA Request filed.
Since xrootd-4.8.3 is now stable, I dropped earlier versions from the tree and bumped unstable to 4.9.0.
This issue was resolved and addressed in GLSA 201903-11 at https://security.gentoo.org/glsa/201903-11 by GLSA coordinator Aaron Bauman (b-man).