Summary: | media-gfx/zgv < 5.9 has a vulnerability | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Marcelo Goes (RETIRED) <vanquirius> |
Component: | Auditing | Assignee: | Gentoo Security <security> |
Status: | RESOLVED INVALID | ||
Severity: | normal | ||
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.svgalib.org/rus/zgv/ | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Marcelo Goes (RETIRED)
![]() I may have panicked too soon: it seems Gentoo's 5.8 version has its own fix. Most of Gentoo's 5.8 patch was integrated upstream in 5.9. I only wonder if 5.9 fixes possible vulnerabilities that Gentoo's patch did not cover. Setting to Auditing Our 5.8 fixes the heap issues as does 5.9; but 5.9 includes a few bugfixes and hang fix or two so I'd just update but not GLSA it as it is not a security risk. Thanks for reporting anyway. |