Bug 167643 - net-im/ekiga < 2.0.5 Format String Vulnerability CVE-2007-1006
Summary: net-im/ekiga < 2.0.5 Format String Vulnerability CVE-2007-1006
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High normal
Assignee: Gentoo Security
URL: http://secunia.com/advisories/24194/
Whiteboard: B2 [glsa] Executioner
Duplicates: 168771
Reported: 2007-02-19 17:19 UTC by Executioner
Modified: 2007-04-13 19:04 UTC

Description Executioner 2007-02-19 17:19:31 UTC
A vulnerability has been reported in Ekiga, which potentially can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to format string errors when the "gm_main_window_flash_message()" function is invoked. This can be exploited to crash the application or potentially execute arbitrary code.

Solution:
Update to version 2.0.5.


Reproducible: Didn't try




http://www.ekiga.org/index.php?rub=10&pos=0
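
The bug class named in the description, shown as an added example (not Ekiga's code and not part of the original report): a hypothetical printf-style helper, flash_message(), with the unsafe caller pattern beside the hardened one. All function names and the sample string are assumptions made for illustration.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical printf-style status helper standing in for a function
 * like gm_main_window_flash_message(); not Ekiga's code. The format
 * attribute lets GCC/Clang type-check every caller's format string. */
__attribute__((format(printf, 3, 4)))
int flash_message(char *out, size_t outlen, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(out, outlen, fmt, ap);  /* NUL-terminates when outlen > 0 */
    va_end(ap);
    return n;  /* length the full message needs, even if truncated */
}

#ifdef SHOW_VULNERABLE
/* Bug class: remote-supplied text becomes the format, so every '%'
 * directive in it is interpreted against arguments never passed.
 * Build with -DSHOW_VULNERABLE -Wformat -Wformat-security to get the
 * "format not a string literal and no format arguments" warning. */
int show_unsafe(char *out, size_t outlen, const char *remote_text)
{
    return flash_message(out, outlen, remote_text);
}
#endif

/* Hardened form: the format is a literal, the remote text is data. */
int show_safe(char *out, size_t outlen, const char *remote_text)
{
    return flash_message(out, outlen, "%s", remote_text);
}

int main(void)
{
    /* Constructed sample of remote-supplied text containing directives. */
    const char *remote = "caller %x %s %d";
    char buf[64], tiny[8];

    show_safe(buf, sizeof buf, remote);
    printf("shown verbatim: %s\n", buf);

    int need = show_safe(tiny, sizeof tiny, remote);
    printf("truncated to \"%s\", needed %d bytes\n", tiny, need);
    return 0;
}
```

When auditing a code base for this class, every call site of the variadic helper has to be checked, not only the one named in an advisory; the format attribute plus -Wformat-security makes the compiler do that enumeration.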
Comment 1 Executioner 2007-02-20 09:48:17 UTC
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1006
Comment 2 Stefan Cornelius (RETIRED) gentoo-dev 2007-02-24 12:46:10 UTC
heh, this baby is already in the tree. arches, please test and stable version 2.0.5, thx

ps: i know some of you are visiting fosdem now - enjoy and have fun!
Comment 3 Markus Meier gentoo-dev 2007-02-24 14:03:44 UTC
net-im/ekiga-2.0.5  USE="dbus doc gnome sdl -avahi -debug"
1. emerges on x86
2. passes collision test
3. works

Portage 2.1.2-r9 (default-linux/x86/2006.1/desktop, gcc-4.1.1, glibc-2.5-r0, 2.6.19.3 i686)
=================================================================
System uname: 2.6.19.3 i686 AMD Athlon(TM) XP1800+
Gentoo Base System release 1.12.9
Timestamp of tree: Sat, 24 Feb 2007 11:00:01 +0000
ccache version 2.4 [enabled]
dev-java/java-config: 1.3.7, 2.0.31
dev-lang/python:     2.3.5-r3, 2.4.3-r4
dev-python/pycrypto: 2.0.1-r5
dev-util/ccache:     2.4-r6
sys-apps/sandbox:    1.2.17
sys-devel/autoconf:  2.13, 2.61
sys-devel/automake:  1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10
sys-devel/binutils:  2.16.1-r3
sys-devel/gcc-config: 1.3.14
sys-devel/libtool:   1.5.22
virtual/os-headers:  2.6.17-r2
ACCEPT_KEYWORDS="x86"
AUTOCLEAN="yes"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-O2 -march=i686 -fomit-frame-pointer -pipe"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/X11/xkb /usr/share/config"
CONFIG_PROTECT_MASK="/etc/env.d /etc/env.d/java/ /etc/gconf /etc/java-config/vms/ /etc/revdep-rebuild /etc/terminfo /etc/texmf/web2c"
CXXFLAGS="-O2 -march=i686 -fomit-frame-pointer -pipe"
DISTDIR="/usr/portage/distfiles"
EMERGE_DEFAULT_OPTS="--nospinner"
FEATURES="autoconfig ccache collision-protect distlocks fixpackages metadata-transfer parallel-fetch sandbox sfperms strict test userfetch userpriv usersandbox"
GENTOO_MIRRORS="http://mirror.switch.ch/mirror/gentoo/ http://gentoo.inode.at/"
LANG="en_GB.utf8"
LINGUAS="en de en_GB"
PKGDIR="/usr/portage/packages"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage/normal"
SYNC="rsync://192.168.2.1/gentoo-portage"
USE="3dnow 3dnowext X a52 aac alsa apache2 berkdb bitmap-fonts bzip2 cairo cdr cli cracklib crypt cups dbus divx4linux dri dts dvd dvdr dvdread eds emboss exif fam ffmpeg firefox fortran gdbm gif gnome gphoto2 gpm gstreamer gtk hal iconv ipv6 isdnlog java jpeg kde ldap libg++ mad midi mikmod mmx mmxext mono mp3 mpeg ncurses network nls nptl nptlonly ogg opengl oss pam pcre perl png ppds pppd python qt qt3 qt4 quicktime readline reflection samba sdl seamonkey session spell spl ssl svg tcpd test tetex tiff truetype truetype-fonts type1-fonts unicode usb vcd vorbis win32codecs x86 xine xinerama xml xorg xprint xv xvid zlib" ELIBC="glibc" INPUT_DEVICES="mouse keyboard" KERNEL="linux" LINGUAS="en de en_GB" USERLAND="GNU" VIDEO_CARDS="nv none"
Unset:  CTARGET, INSTALL_MASK, LC_ALL, LDFLAGS, MAKEOPTS, PORTAGE_RSYNC_EXTRA_OPTS
Comment 4 Markus Meier gentoo-dev 2007-02-24 15:20:50 UTC
(In reply to comment #3)
> net-im/ekiga-2.0.5  USE="dbus doc gnome sdl -avahi -debug"
> 1. emerges on x86
> 2. passes collision test
> 3. works

sorry I forgot to mention that this version needs the following two deps stable:
dev-libs/pwlib-1.10.4
net-libs/opal-2.2.5

both emerge w/o problems on x86 and pass collision test.
Comment 5 Raúl Porcel (RETIRED) gentoo-dev 2007-02-24 18:45:28 UTC
dev-libs/pwlib-1.10.4
net-libs/opal-2.2.5
net-im/ekiga-2.0.5

x86 stable, thanks Markus
Comment 6 Markus Rothe (RETIRED) gentoo-dev 2007-02-25 18:41:46 UTC
ppc64 stable
Comment 7 Jason Wever (RETIRED) gentoo-dev 2007-02-27 02:47:45 UTC
SPARC stable
Comment 8 Jakub Moc (RETIRED) gentoo-dev 2007-02-28 18:44:52 UTC
*** Bug 168771 has been marked as a duplicate of this bug. ***
Comment 9 René Nussbaumer (RETIRED) gentoo-dev 2007-03-01 20:16:33 UTC
stable on hppa. Sorry for the delay.
Comment 10 Simon Stelling (RETIRED) gentoo-dev 2007-03-02 14:12:23 UTC
marked stable by beandog on amd64
Comment 11 Tobias Scherbaum (RETIRED) gentoo-dev 2007-03-03 12:39:36 UTC
ppc stable
Comment 12 Stefan Cornelius (RETIRED) gentoo-dev 2007-03-05 11:59:08 UTC
we can't wait any longer here. either get it stable, or it will fly out without you.
Comment 13 Matthias Geerdsen (RETIRED) gentoo-dev 2007-03-05 20:56:48 UTC
kloeri wanted to take care of it for alpha tomorrow
Comment 14 Stefan Cornelius (RETIRED) gentoo-dev 2007-03-07 08:42:03 UTC
http://bugzilla.gnome.org/show_bug.cgi?id=415526

back to ebuild status :(
Comment 15 Bryan Østergaard (RETIRED) gentoo-dev 2007-03-10 18:50:35 UTC
Finally stabled Alpha + IA64. I'm not removing us from the bug because of comment #14.
Comment 16 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2007-03-13 23:12:06 UTC
Nice. But as said in comment #14, the fix doesn't fix the weakness. VoIP team, please advise
Comment 17 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2007-03-15 21:22:47 UTC
voip team please advise or comment
Comment 18 Chris Gianelloni (RETIRED) gentoo-dev 2007-03-21 14:27:51 UTC
OK.  I so don't want to ship something that might be vulnerable for the 2007.0 release.  Anybody got any comments here?
Comment 19 Gustavo Zacarias (RETIRED) gentoo-dev 2007-03-21 17:34:57 UTC
dev-libs/pwlib-1.10.5, net-libs/opal-2.2.6 and net-im/ekiga-2.0.7 are in.
They should all go stable at the same time and sparc stable btw.
Comment 20 Christian Faulhammer (RETIRED) gentoo-dev 2007-03-23 08:42:59 UTC
x86 got the call
Comment 21 Markus Rothe (RETIRED) gentoo-dev 2007-03-23 11:40:06 UTC
ppc64 stable
Comment 22 Chris Gianelloni (RETIRED) gentoo-dev 2007-03-23 17:30:54 UTC
alpha/amd64/ia64/ppc done
Comment 23 Jeroen Roovers (RETIRED) gentoo-dev 2007-03-27 04:51:01 UTC
Stable for HPPA (killerfox)
Comment 24 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2007-03-29 21:20:53 UTC
Thanks everybody
Comment 25 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2007-03-29 21:40:22 UTC
GLSA 200703-25, thanks! I hope this is the good one