From ${URL}: A reflected XSS issue was found in ganglia-web. This issue was fixed in the 3.7.2 release. References: http://ganglia.info/?p=619 @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Please bump to >=3.7.2
PMASKED for removal via https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=66a3c8edba15cb0eccf125b74250f1baeeab15d1
I have had updated versions of this package in my junkdrawer overlay for more than a year. I'm interested in proxy maintaining it so it doesn't get removed.
Daniel, I'm happy to proxy for you. Feel free to email me patches or file PR's and highlight me on github (jsbronder there as well). Make sure that your first commit updates the metadata.xml to add you as the proxy maintainer.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=144acff1e4c6db1ba4823bf35c820acd0570d903 commit 144acff1e4c6db1ba4823bf35c820acd0570d903 Author: Daniel M. Weeks <dan@danweeks.net> AuthorDate: 2018-03-24 16:45:31 +0000 Commit: Justin Bronder <jsbronder@gentoo.org> CommitDate: 2018-03-28 14:25:08 +0000 sys-cluster/ganglia-web: version bump 3.7.3 Bug: https://bugs.gentoo.org/592080 Bug: https://bugs.gentoo.org/559658 Package-Manager: Portage-2.3.24, Repoman-2.3.6 sys-cluster/ganglia-web/Manifest | 1 + sys-cluster/ganglia-web/ganglia-web-3.7.3.ebuild | 49 ++++++++++++++++++++++++ 2 files changed, 50 insertions(+)}
GLSA Vote: No Tree is clean. Thanks!