CVE-2020-36403: HTSlib 1.10 through 1.10.2 allows out-of-bounds write access in vcf_parse_format (called from vcf_parse and vcf_read). Patch in >=1.11: https://github.com/samtools/htslib/commit/dcd4b7304941a8832fba2d0fc4c1e716e7a4e72c Please bump.
Package list is empty or all packages have requested keywords.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a7e45d492762de669f6e84b5df12aaf95cae1a1d commit a7e45d492762de669f6e84b5df12aaf95cae1a1d Author: David Seifert <soap@gentoo.org> AuthorDate: 2021-10-03 17:41:36 +0000 Commit: David Seifert <soap@gentoo.org> CommitDate: 2021-10-03 17:41:36 +0000 sci-libs/htslib: add 1.13 Bug: https://bugs.gentoo.org/799788 Signed-off-by: David Seifert <soap@gentoo.org> sci-libs/htslib/Manifest | 1 + sci-libs/htslib/htslib-1.13.ebuild | 52 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 53 insertions(+)
Please cleanup
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fac85a0681906115f21e878305e44c0243e0c686 commit fac85a0681906115f21e878305e44c0243e0c686 Author: David Seifert <soap@gentoo.org> AuthorDate: 2021-10-11 14:55:11 +0000 Commit: David Seifert <soap@gentoo.org> CommitDate: 2021-10-11 14:55:11 +0000 sci-libs/htslib: drop 1.10.2 Bug: https://bugs.gentoo.org/799788 Signed-off-by: David Seifert <soap@gentoo.org> Closes: https://github.com/gentoo/gentoo/pull/22556 Signed-off-by: David Seifert <soap@gentoo.org> sci-libs/htslib/Manifest | 1 - sci-libs/htslib/htslib-1.10.2.ebuild | 51 ------------------------------------ 2 files changed, 52 deletions(-)
Thanks Soap!