See tracker.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ec67889f3288fba2457575ddb1b599581b2830f3 commit ec67889f3288fba2457575ddb1b599581b2830f3 Author: Sam James <sam@gentoo.org> AuthorDate: 2023-05-20 03:49:40 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-05-20 03:49:40 +0000 app-crypt/sequoia-chameleon-gnupg: drop 0.2.0 Bug: https://bugs.gentoo.org/906799 Signed-off-by: Sam James <sam@gentoo.org> app-crypt/sequoia-chameleon-gnupg/Manifest | 4 - .../sequoia-chameleon-gnupg-0.2.0.ebuild | 340 --------------------- 2 files changed, 344 deletions(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1fd5803705bc3bc5ede5559d08b6e4c57a201fbf commit 1fd5803705bc3bc5ede5559d08b6e4c57a201fbf Author: Sam James <sam@gentoo.org> AuthorDate: 2023-05-20 03:48:52 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-05-20 03:48:52 +0000 app-crypt/sequoia-chameleon-gnupg: patch vulnerabilities (see bug), use llvm.eclass - Patch various vulnerabilities by upgrading crates (sequoia-openpgp and buffered-reader) - Use llvm.eclass for the Clang dep, as we need it for bindgen Bug: https://bugs.gentoo.org/906799 Signed-off-by: Sam James <sam@gentoo.org> app-crypt/sequoia-chameleon-gnupg/Manifest | 5 + .../sequoia-chameleon-gnupg-0.2.0-sec-fixes.patch | 104 ++++++ .../sequoia-chameleon-gnupg-0.2.0-r1.ebuild | 347 +++++++++++++++++++++ 3 files changed, 456 insertions(+)
