205732 – (CVE-2005-4714) net-misc/vmpsd < 1.3-r4 OpenVMPS Logging Function Format String Vulnerability (CVE-2005-4714)

Bug 205732 (CVE-2005-4714) - net-misc/vmpsd < 1.3-r4 OpenVMPS Logging Function Format String Vulnerability (CVE-2005-4714)

Summary: net-misc/vmpsd < 1.3-r4 OpenVMPS Logging Function Format String Vulnerability...

Status:	RESOLVED FIXED

Alias:	CVE-2005-4714

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	High trivial (vote)
Assignee:	Gentoo Security

URL:	http://www.securityfocus.com/bid/1507...
Whiteboard:	~1 [noglsa]
Keywords:

Depends on:
Blocks:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Robin Johnson archtester

2008-01-14 02:57:04 UTC

I ran into this security vuln while cleaning up the package, not sure if it's GLSA-worthy. I'm patching it in the tree already.

Comment 1 Robert Buchholz (RETIRED) gentoo-dev

2008-01-14 12:09:00 UTC

No GLSA if the package was never stable, which seems to be the case.
1.3-r4 fixes this bug, right?

Comment 2 Robin Johnson archtester

2008-01-14 12:34:39 UTC

yes, 1.3-r4 fixes it.

Comment 3 Pierre-Yves Rofes (RETIRED) gentoo-dev

2008-01-14 13:10:04 UTC

(In reply to comment #2)
> yes, 1.3-r4 fixes it.
> 

Ok, so closing. thanks for the report.