A new version of gmp-ecm has been released yesterday (7.0.5). I am currently testing a branch and will push once everything looks in order. The new release includes fixes for all the issues requiring patch previously. The new release has support for cuda but I cannot test it (I currently have an intel card). But the build system for the cuda driver looks far more robust than cholmod for example. Reproducible: Always
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=99942c6ca1519833a3557de313fff0056788f71f commit 99942c6ca1519833a3557de313fff0056788f71f Author: François Bissey <frp.bissey@gmail.com> AuthorDate: 2022-05-05 23:31:46 +0000 Commit: Michael Orlitzky <mjo@gentoo.org> CommitDate: 2022-05-06 11:42:34 +0000 sci-mathematics/gmp-ecm: upstream bump Package-Manager: Portage-3.0.30, Repoman-3.0.3 Closes: https://bugs.gentoo.org/842843 Closes: https://github.com/gentoo/gentoo/pull/25341 Signed-off-by: François René Pierre Bissey <frp.bissey@gmail.com> Signed-off-by: Michael Orlitzky <mjo@gentoo.org> sci-mathematics/gmp-ecm/Manifest | 1 + sci-mathematics/gmp-ecm/gmp-ecm-7.0.5.ebuild | 63 ++++++++++++++++++++++++++++ sci-mathematics/gmp-ecm/metadata.xml | 3 ++ 3 files changed, 67 insertions(+)
Advisory: https://github.com/rsyslog/rsyslog/security/advisories/GHSA-ggw7-xr6h-mmr8#advisory-comment-72243 https://geometrydashsubzero.net "Modules for TCP syslog reception have a heap buffer overflow when octet-counted framing is used. The attacker can corrupt heap values, leading to data integrity issues and availability impact. Remote code execution is unlikely to happen but not impossible."
