882783 – dev-db/percona-xtrabackup{-bin,}: directory traversal (or memory corruption?)

Bug 882783 - dev-db/percona-xtrabackup{-bin,}: directory traversal (or memory corruption?)

Summary: dev-db/percona-xtrabackup{-bin,}: directory traversal (or memory corruption?)

Status:	CONFIRMED

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Gentoo Security

URL:	https://github.com/percona/percona-xt...
Whiteboard:	??
Keywords:

Depends on:
Blocks:	CVE-2022-45866
	Show dependency tree

Reported:	2022-11-24 16:03 UTC by John Helmert III
Modified:	2022-11-24 16:29 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description John Helmert III archtester

2022-11-24 16:03:05 UTC

See tracker for details. The CVE description says it's a directory traversal, but the percona-xtrabackup reference (URL) seems to not be the same issue? Is it?

Comment 1 Larry the Git Cow gentoo-dev

2022-11-24 16:19:06 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=398e7bf822fb1f93466348bfc5d123f92de610e9

commit 398e7bf822fb1f93466348bfc5d123f92de610e9
Author:     John Helmert III <ajak@gentoo.org>
AuthorDate: 2022-11-24 16:16:28 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2022-11-24 16:18:56 +0000

    profiles: last rite dev-db/percona-xtrabackup-bin
    
    Bug: https://bugs.gentoo.org/849389
    Bug: https://bugs.gentoo.org/864367
    Bug: https://bugs.gentoo.org/882783
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 profiles/package.mask | 6 ++++++
 1 file changed, 6 insertions(+)