Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 140539 - net-misc/tor - security cleanup needed
Summary: net-misc/tor - security cleanup needed
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: GLSA Errors (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Security
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2006-07-15 12:11 UTC by Jakub Moc (RETIRED)
Modified: 2006-09-05 01:55 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Jakub Moc (RETIRED) gentoo-dev 2006-07-15 12:11:22 UTC 
net-misc/tor-0.1.0.14-r1: vulnerable via glsa(200606-04) ( ver < 0.1.1.20 ), affects ('amd64', 'ppc', 'ppc64', 'sparc', 'x86')
net-misc/tor-0.1.0.16: vulnerable via glsa(200606-04) ( ver < 0.1.1.20 ), affects ('amd64', 'ppc', 'ppc64', 'sparc', 'x86')
net-misc/tor-0.1.0.17: vulnerable via glsa(200606-04) ( ver < 0.1.1.20 ), affects ('amd64', 'ppc', 'ppc64', 'sparc', 'x86')

Please, clean up the above. Thanks! ;)
Comment 1 Jakub Moc (RETIRED) gentoo-dev 2006-09-02 16:52:46 UTC 
Please, do it...
Comment 2 Gustavo Felisberto (RETIRED) gentoo-dev 2006-09-04 18:02:13 UTC 
This one missed me. I removed all bad versions. But 0.1.0.18 is not affected by that glsa. That glsa affects versions < 0.1.1.20 at the time of it's writing. Those issues have been solved in the version now left in the tree.
Comment 3 Jakub Moc (RETIRED) gentoo-dev 2006-09-05 00:15:53 UTC 
(In reply to comment #2)
> This one missed me. I removed all bad versions. But 0.1.0.18 is not affected by
> that glsa. That glsa affects versions < 0.1.1.20 at the time of it's writing.
> Those issues have been solved in the version now left in the tree.

GLSA should be fixed then, re-assigning this to security folks.
Comment 4 Jakub Moc (RETIRED) gentoo-dev 2006-09-05 00:16:40 UTC 
@security: please, see above... Thanks.
Comment 5 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2006-09-05 01:55:13 UTC 
Thx for the notification.

Fixed in CVS.