Summary: | dev-perl/Compress-Zlib 1.34 includes it's own vuln version of zlib | ||||||
---|---|---|---|---|---|---|---|
Product: | Gentoo Security | Reporter: | solar (RETIRED) <solar> | ||||
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> | ||||
Status: | RESOLVED FIXED | ||||||
Severity: | major | CC: | perl | ||||
Priority: | High | ||||||
Version: | unspecified | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | B1 [glsa] jaervosz | ||||||
Package list: | Runtime testing required: | --- | |||||
Attachments: |
|
Description
solar (RETIRED)
2005-07-27 19:09:36 UTC
Created attachment 64485 [details, diff]
Compress-Zlib-1.35
Updated version.
or even better, get the package to stop using the bundled one ... if you run a diff between the bundled version and a pristine zlib you'll see that there are no changes I hadn't realized Paul had posted the update, sorry about that folks (this was a topic on the porters list about a week ago). Ebuild should be in the tree in the next few minutes Arches please test and mark Compress-Zlib-1.35 stable. stable on ppc64 Stable on sparc and x86 amd64 happy Stable on hppa ppc stable stable on sh. arm/ia64/s390 done Stable on alpha. GLSA 200508-01 mips don't forget to mark stable. Stable on mips. |