Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 932453 - <app-containers/skopeo-1.15.1 affected by CVE-2024-3727 allowing unexpected authenticated registry accesses
Summary: <app-containers/skopeo-1.15.1 affected by CVE-2024-3727 allowing unexpected a...
Status: UNCONFIRMED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL:
Whiteboard:
Keywords: PullRequest, SECURITY
Depends on:
Blocks:
 
Reported: 2024-05-22 10:46 UTC by Rahil Bhimjiani
Modified: 2024-06-13 19:10 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Comment 1 Larry the Git Cow gentoo-dev 2024-06-13 19:10:51 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c7b5ac4efdde4f4cce8bf3747c22bfee187e2488

commit c7b5ac4efdde4f4cce8bf3747c22bfee187e2488
Author:     Rahil Bhimjiani <me@rahil.rocks>
AuthorDate: 2024-06-12 12:34:03 +0000
Commit:     Zac Medico <zmedico@gentoo.org>
CommitDate: 2024-06-13 19:10:43 +0000

    app-containers/skopeo: update to 1.15.1
    
    Addresses https://github.com/advisories/GHSA-6wvf-f2vw-3425 which allows unexpected authenticated registry accesses
    
    Bug: https://bugs.gentoo.org/932453
    Signed-off-by: Rahil Bhimjiani <me@rahil.rocks>
    From: https://github.com/gentoo/gentoo/pull/37135
    Signed-off-by: Zac Medico <zmedico@gentoo.org>

 app-containers/skopeo/Manifest             |  1 +
 app-containers/skopeo/skopeo-1.15.1.ebuild | 69 ++++++++++++++++++++++++++++++
 2 files changed, 70 insertions(+)