Bug 694314 - Buffer overflow in net-misc/pump
Summary: Buffer overflow in net-misc/pump
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal major
Deadline: 2019-10-14
Assignee: Gentoo Security
URL:
Whiteboard: B2 [glsa+]
Keywords:
Depends on:
Blocks:
 
Reported: 2019-09-13 19:56 UTC by ltspro2
Modified: 2024-01-07 09:42 UTC

See Also:
Package list:
Runtime testing required: ---


Description ltspro2 2019-09-13 19:56:56 UTC
There is a security vulnerability in net-misc/pump. It has been reported to Debian previously; they patched it in Debian 8 and removed the package from Debian 9.10 and 10.1 because of lack of maintenance.
https://security-tracker.debian.org/tracker/source-package/pump
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933674
https://www.debian.org/lts/security/2019/dla-1908
Comment 1 Agostino Sarubbo gentoo-dev 2019-09-14 13:33:46 UTC
Thanks for the report. I think we will treeclean it.

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935332
Comment 2 Larry the Git Cow gentoo-dev 2019-09-14 13:48:40 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6b2ff6538c99875e713cdc6a5c641a9f53339859

commit 6b2ff6538c99875e713cdc6a5c641a9f53339859
Author:     Michał Górny <mgorny@gentoo.org>
AuthorDate: 2019-09-14 13:44:14 +0000
Commit:     Michał Górny <mgorny@gentoo.org>
CommitDate: 2019-09-14 13:48:35 +0000

    package.mask: Last rite net-misc/pump
    
    Bug: https://bugs.gentoo.org/694314
    Signed-off-by: Michał Górny <mgorny@gentoo.org>

 profiles/package.mask | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)
Comment 3 Larry the Git Cow gentoo-dev 2019-10-14 20:07:10 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=48cf9f4466de549fd83cdf4040499bdeeb9242f6

commit 48cf9f4466de549fd83cdf4040499bdeeb9242f6
Author:     Michał Górny <mgorny@gentoo.org>
AuthorDate: 2019-10-14 20:04:00 +0000
Commit:     Michał Górny <mgorny@gentoo.org>
CommitDate: 2019-10-14 20:06:58 +0000

    net-misc/pump: Remove last-rited pkg
    
    Bug: https://bugs.gentoo.org/694314
    Signed-off-by: Michał Górny <mgorny@gentoo.org>

 net-misc/pump/Manifest              |  2 --
 net-misc/pump/metadata.xml          |  8 ------
 net-misc/pump/pump-0.8.24-r4.ebuild | 56 -------------------------------------
 profiles/package.mask               |  7 -----
 4 files changed, 73 deletions(-)
Comment 4 Thomas Deutschmann (RETIRED) gentoo-dev 2019-10-26 18:01:51 UTC
Package was stable, we need to create a removal GLSA.
Comment 5 GLSAMaker/CVETool Bot gentoo-dev 2019-11-07 19:06:45 UTC
This issue was resolved and addressed in
 GLSA 201911-02 at https://security.gentoo.org/glsa/201911-02
by GLSA coordinator Aaron Bauman (b-man).
Comment 6 Larry the Git Cow gentoo-dev 2024-01-07 09:42:40 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/proj/netifrc.git/commit/?id=7b1c09f80b94f01f670c8d487df361b3ddfebe0c

commit 7b1c09f80b94f01f670c8d487df361b3ddfebe0c
Author:     Matoro Mahri <matoro_gentoo@matoro.tk>
AuthorDate: 2024-01-07 07:16:30 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2024-01-07 09:42:35 +0000

    Remove support for treecleaned net-misc/pump
    
    Bug: https://bugs.gentoo.org/694314
    Closes: https://bugs.gentoo.org/921538
    Signed-off-by: Matoro Mahri <matoro_gentoo@matoro.tk>
    Closes: https://github.com/gentoo/netifrc/pull/51
    Signed-off-by: Sam James <sam@gentoo.org>

 doc/net.example.Linux.in |  7 ++----
 net/Makefile             |  2 +-
 net/dhclient.sh          |  2 +-
 net/dhcpcd.sh            |  2 +-
 net/pump.sh              | 63 ------------------------------------------------
 5 files changed, 5 insertions(+), 71 deletions(-)