Summary: | net-misc/xsupplicant "eap_do_notify()" Buffer Overflow Vulnerability (CVE-2006-{5601,5602}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | dago <dago158> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | enhancement | CC: | falco, latexer, mobile+disabled |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://secunia.com/advisories/22612/ | ||
Whiteboard: | ~1 [noglsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 154994 | ||
Bug Blocks: |
Description
dago
2006-11-13 03:59:52 UTC
Mobile please advise and bump as necessary. Is xsupplicant installed suid? No, it is not installed suid. Mobile please advise and mask if that is what is planned for the package. Mobile please advise and mask if that is what is planned for the package. No response from Mobile. I think we should mask this one, comments? *** Bug 153423 has been marked as a duplicate of this bug. *** Bah, no fun. It's not even stable on a single arch. Rerating. mobile, please comment on this bug, it has been open for months the ebuild should either be bumped or masked masked now. was never stable -> no maskglsa required. setting to enhancement Maybe this is a candidate for removal? This ebuild has been masked for over a year. If nobody wants to bumb it, I guess it should be removed from the tree. There are however two bugs with newer ebuilds attached (bug 154994 and bug 174802). xsupplicant-2.2.0 is now in the tree. i'll change the mask and clean up the old ebuilds later. i have restricted the mask to <xsupplicant-2.2.0 all affected ebuilds have been removed from the tree. There never was a stable version. Closing noglsa. |