Description: "This release resolves CVE-2020-14370, in which environment variables could be leaked between containers created using the Varlink API."
Please bump when you can to 2.1.0, thanks!
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7ac56a337ac3e6c17ed58cfb9961de37e3da29ab commit 7ac56a337ac3e6c17ed58cfb9961de37e3da29ab Author: Zac Medico <zmedico@gentoo.org> AuthorDate: 2020-09-23 05:38:54 +0000 Commit: Zac Medico <zmedico@gentoo.org> CommitDate: 2020-09-23 05:40:26 +0000 app-emulation/libpod: Bump to version 2.1.0 Bug: https://bugs.gentoo.org/744196 Package-Manager: Portage-3.0.8, Repoman-3.0.1 Signed-off-by: Zac Medico <zmedico@gentoo.org> app-emulation/libpod/Manifest | 1 + app-emulation/libpod/libpod-2.1.0.ebuild | 154 +++++++++++++++++++++++++++++++ 2 files changed, 155 insertions(+)
Thanks! Please cleanup when ready.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c9cf798651b74852c656c0d1c92fbb07ee9dd529 commit c9cf798651b74852c656c0d1c92fbb07ee9dd529 Author: Zac Medico <zmedico@gentoo.org> AuthorDate: 2020-09-23 16:11:49 +0000 Commit: Zac Medico <zmedico@gentoo.org> CommitDate: 2020-09-23 16:12:18 +0000 app-emulation/libpod: Remove vulnerable versions Bug: https://bugs.gentoo.org/744196 Package-Manager: Portage-3.0.8, Repoman-3.0.1 Signed-off-by: Zac Medico <zmedico@gentoo.org> app-emulation/libpod/Manifest | 8 -- app-emulation/libpod/libpod-1.8.2.ebuild | 141 ---------------------------- app-emulation/libpod/libpod-1.9.3.ebuild | 142 ---------------------------- app-emulation/libpod/libpod-2.0.0.ebuild | 150 ------------------------------ app-emulation/libpod/libpod-2.0.1.ebuild | 150 ------------------------------ app-emulation/libpod/libpod-2.0.2.ebuild | 154 ------------------------------- app-emulation/libpod/libpod-2.0.3.ebuild | 154 ------------------------------- app-emulation/libpod/libpod-2.0.4.ebuild | 154 ------------------------------- app-emulation/libpod/libpod-2.0.5.ebuild | 154 ------------------------------- 9 files changed, 1207 deletions(-)
Thanks Zac. Tree is clean, no stable versions so no GLSA and all done.
