desktop-file-utils 0.23 fixes an out of bounds heap read. This is one of those cases where it's debatable whether this is a security issue at all, probably not worthy of a GLSA. Please bump Upstream bugs: https://bugs.freedesktop.org/show_bug.cgi?id=90784 https://bugs.freedesktop.org/show_bug.cgi?id=94303
Per previous comment, the issue is fixed in: =dev-util/desktop-file-utils-0.23 Please bump and if ready request stabilization in this bug.
Bumped in git. https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=71af3476fb0356ce0e319b3d686f630da602ae2e Feel free to stabilise at your discretion.
@arches, please stabilize: =dev-util/desktop-file-utils-0.23
amd64 stable
x86 stable
Stable on alpha.
Stable for HPPA PPC64.
arm stable
ppc stable
sparc stable
ia64 stable
Removing unstable arches. @maintainer(s), please cleanup. GLSA Vote: No
Cleanup done.
Thanks, all!