Summary: | gnome-extra/libgda syslog format string attack | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sune Kloppenborg Jeppesen (RETIRED) <jaervosz> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | gnome |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B2? [glsa] jaervosz | ||
Package list: | Runtime testing required: | --- |
Description
Sune Kloppenborg Jeppesen (RETIRED)
2005-10-25 13:26:45 UTC
Gnome please provide an updated ebuild. I've committed libgda-1.2.2-r1.ebuild, which includes a patch for this. Thx Leonardo, arches please test and mark stable. Marked ppc64 stable. Thanks. sparc stable. 1.2.2-r1 fails on amd64 with the following sandbox error: ACCESS DENIED unlink: /usr/lib64/libgdasql.so.3.0.0 /bin/install: cannot remove `/usr/lib64/libgdasql.so.3.0.0': Permission denied make[2]: *** [install-libLTLIBRARIES] Error 1 make[2]: Leaving directory `/var/tmp/portage/libgda-1.2.2-r1/work/libgda-1.2.2/libsql' make[1]: *** [install-am] Error 2 make[1]: Leaving directory `/var/tmp/portage/libgda-1.2.2-r1/work/libgda-1.2.2/libsql' make: *** [install-recursive] Error 1 !!! ERROR: gnome-extra/libgda-1.2.2-r1 failed. !!! Function einstall, Line 524, Exitcode 2 !!! einstall failed 1.2.2 works fine though # cat /var/log/sandbox/sandbox-gnome-extra_-_libgda-1.2.2-r1-17475.log unlink: /usr/lib64/libgdasql.so.3.0.0 # Simon, I can't reproduce the problem on pitr, but could you verify if adding USE_DESTDIR="1" to the ebuild resolves it? yup, works fine with USE_DESTDIR=1 Thanks, the fix has been committed to the ebuild now. stable on alpha Cheers, Ferdy Stable on x86 Stable on ppc. amd64 stable GLSA 200511-01 For some unknown reason hppa and ia64 were forgotten along the way. Perhaps the recent stable-ing of an older version... hppa and ia64 should mark stable to benefit from GLSA. Straigth to stable on hppa. |