Comment 1 Manuel Rüger (RETIRED) 2016-02-06 14:10:19 UTC

Added 0.8.2 which includes a fix for this.

Arches please test and stablize.

Comment 2 Tobias Klausmann (RETIRED) 2016-02-09 11:57:32 UTC

Stable on alpha.

Comment 3 Jeroen Roovers (RETIRED) 2016-02-10 12:53:25 UTC

Stable for HPPA.

Comment 4 Agostino Sarubbo 2016-02-11 12:28:34 UTC

amd64 stable

Comment 5 Jeroen Roovers (RETIRED) 2016-02-13 08:22:13 UTC

Stable for PPC64.

Comment 6 Markus Meier 2016-02-14 17:21:53 UTC

arm stable

Comment 7 Agostino Sarubbo 2016-03-15 16:39:42 UTC

x86 stable

Comment 8 Agostino Sarubbo 2016-03-16 12:06:13 UTC

ppc stable

Comment 9 Agostino Sarubbo 2016-03-19 11:36:15 UTC

sparc stable.

Maintainer(s), please cleanup.
Security, please add it to the existing request, or file a new one.

Comment 10 GLSAMaker/CVETool Bot 2016-03-19 13:06:27 UTC

CVE-2016-2090 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2090):
  libbsd 0.8.1 and earlier contains a buffer overflow in the function
  fgetwln(). An if checks if it is necessary to reallocate memory in the
  target buffer. However this check is off by one, therefore an out of
  bounds write happens.

Comment 11 Aaron Bauman (RETIRED) 2016-03-19 13:11:17 UTC

GLSA opened.

Comment 12 Aaron Bauman (RETIRED) 2016-03-24 06:57:00 UTC

@maintainers, still pending cleanup of vulnerable ebuilds.  Please let us know when complete or if you are unable to at this time.  Thanks.

Comment 13 Michael Palimaka (kensington) 2016-03-24 11:32:10 UTC

Cleanup done.

Comment 14 GLSAMaker/CVETool Bot 2016-07-20 11:22:16 UTC

This issue was resolved and addressed in
 GLSA 201607-13 at https://security.gentoo.org/glsa/201607-13
by GLSA coordinator Aaron Bauman (b-man).