Security bug fix Fixed a vulnerability in which TLS certificates were not validated correctly for internal RPC interfaces. This vulnerability could allow an unauthenticated user with network access to read and write to the cluster. #30821 https://www.cockroachlabs.com/docs/releases/v2.0.6.html
any update on this?
@maintainer, please bump to >=dev-db/cockroach-2.0.6
Ping!
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b1a2abeb2f2a15c6a24b9be00ae8a44b32d9c33c commit b1a2abeb2f2a15c6a24b9be00ae8a44b32d9c33c Author: William Hubbs <williamh@gentoo.org> AuthorDate: 2019-06-01 20:54:33 +0000 Commit: William Hubbs <williamh@gentoo.org> CommitDate: 2019-06-01 21:27:51 +0000 dev-db/cockroach: 2.1.5 bump Bug: https://bugs.gentoo.org/668420 Closes: https://github.com/gentoo/gentoo/pull/11765 Signed-off-by: William Hubbs <williamh@gentoo.org> dev-db/cockroach/Manifest | 1 + dev-db/cockroach/cockroach-2.1.5.ebuild | 65 +++++++++++++++++++++++++++++++++ 2 files changed, 66 insertions(+)
@ maintainer(s): Please cleanup and drop vulnerable ebuilds (<dev-db/cockroach-2.1.5)!
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0f9196e466ce976aadf43e2fe90905cdccad43c1 commit 0f9196e466ce976aadf43e2fe90905cdccad43c1 Author: William Hubbs <william.hubbs@sony.com> AuthorDate: 2019-06-05 21:25:30 +0000 Commit: William Hubbs <williamh@gentoo.org> CommitDate: 2019-06-05 21:26:57 +0000 dev-db/cockroach: remove vulnerable versions Bug: https://bugs.gentoo.org/668420 Copyright: Sony Interactive Entertainment Inc. Package-Manager: Portage-2.3.66, Repoman-2.3.12 Signed-off-by: William Hubbs <williamh@gentoo.org> dev-db/cockroach/Manifest | 7 ---- dev-db/cockroach/cockroach-1.0-r1.ebuild | 61 ----------------------------- dev-db/cockroach/cockroach-1.0.1.ebuild | 61 ----------------------------- dev-db/cockroach/cockroach-1.0.3.ebuild | 61 ----------------------------- dev-db/cockroach/cockroach-1.0.ebuild | 61 ----------------------------- dev-db/cockroach/cockroach-1.0_rc1.ebuild | 59 ---------------------------- dev-db/cockroach/cockroach-1.1.2.ebuild | 61 ----------------------------- dev-db/cockroach/cockroach-1.1.3.ebuild | 63 ------------------------------ dev-db/cockroach/cockroach-2.0.1.ebuild | 65 ------------------------------- 9 files changed, 499 deletions(-)