CVE-2018-15688 (https://nvd.nist.gov/vuln/detail/CVE-2018-15688): A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and including 239.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=351cf8e77d67c77e5f705225ac0816367c7547c3 commit 351cf8e77d67c77e5f705225ac0816367c7547c3 Author: Mart Raudsepp <leio@gentoo.org> AuthorDate: 2019-02-23 14:11:11 +0000 Commit: Mart Raudsepp <leio@gentoo.org> CommitDate: 2019-02-23 14:11:11 +0000 net-misc/networkmanager: security bump to 1.14.6 Bug: https://bugs.gentoo.org/670042 Package-Manager: Portage-2.3.52, Repoman-2.3.12 Signed-off-by: Mart Raudsepp <leio@gentoo.org> net-misc/networkmanager/Manifest | 1 + .../networkmanager/networkmanager-1.14.6.ebuild | 339 +++++++++++++++++++++ 2 files changed, 340 insertions(+)
amd64 stable
x86 stable
arm stable
ppc stable
ppc64 stable
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=70b4da0962bc78298d6bdec9af2229c637748d61 commit 70b4da0962bc78298d6bdec9af2229c637748d61 Author: Mart Raudsepp <leio@gentoo.org> AuthorDate: 2019-04-28 14:40:59 +0000 Commit: Mart Raudsepp <leio@gentoo.org> CommitDate: 2019-04-28 14:40:59 +0000 net-misc/networkmanager: security cleanup Bug: https://bugs.gentoo.org/670042 Package-Manager: Portage-2.3.62, Repoman-2.3.12 Signed-off-by: Mart Raudsepp <leio@gentoo.org> net-misc/networkmanager/Manifest | 1 - .../networkmanager/networkmanager-1.14.4.ebuild | 339 --------------------- 2 files changed, 340 deletions(-)
Shouldn't this have been closed by bug 683958? Seems like a waste of time.
tree is clean
