Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 483632 - =app-emulation/emul-linux-x86-baselibs-{20121202,20130224{,-r13}} contains libxml2-2.8.0-r3 which is affected by many security bugs. (CVE-2013-{1664,0338,0339,1969,2877})
Summary: =app-emulation/emul-linux-x86-baselibs-{20121202,20130224{,-r13}} contains li...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal major with 1 vote (vote)
Assignee: Gentoo Security
URL:
Whiteboard: A2 [glsa]
Keywords:
Depends on: 508322
Blocks: 482038
  Show dependency tree
 
Reported: 2013-09-04 19:21 UTC by Ben Kohler
Modified: 2014-12-12 01:09 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Ben Kohler gentoo-dev 2013-09-04 19:21:23 UTC
These versions (all current in-tree versions, stable and unstable) seem to be affected by at least:
bug #458430
bug #458740
bug #466238
bug #476438

The bump to 2.9 will be needed by some new packages like wine (bug #482038) but even more importantly, we need to get away from 2.8 and all its outstanding security issues.  I'm not sure which of these bug numbers should go in blockers or depends on, if any... so thanks in advance to b-w or whoever gets this report in order.

Thanks!
Comment 1 Sean Amoss (RETIRED) gentoo-dev Security 2014-11-25 21:50:14 UTC
Added to existing GLSA request.
Comment 2 GLSAMaker/CVETool Bot gentoo-dev 2014-12-12 01:09:10 UTC
This issue was resolved and addressed in
 GLSA 201412-11 at http://security.gentoo.org/glsa/glsa-201412-11.xml
by GLSA coordinator Sean Amoss (ackle).