Summary: | app-antivirus/vlnx-4510e: invalid usage of RESTRICT=binchecks CVE-2006-6474 | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Jakub Moc (RETIRED) <jakub> |
Component: | Runpath Issues | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | enhancement | CC: | drizzt, qa |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | [B1? maskglsa] | ||
Package list: | Runtime testing required: | --- |
Description
Jakub Moc (RETIRED)
2006-12-03 07:42:30 UTC
last rites # Timothy Redaelli <drizzt@gentoo.org> (09 Dec 2006) # pending removal (#156989) # can't fix rpath, application checks its checksum app-antivirus/vlnx i close the bug when i'll punt the package Thanks for finding this bug Jakub, this is a security issue and we need to vote on a maskglsa. I tend to vote YES as scanning a file with a specific name may result in arbitrary code execution. Timothy: please dont disable these checks in future without checking with the security team (ideally me or solar)! I vote YES. yes++ YES Vote. Solution in the GLSA should suggest removal from the system. GLSA 200612-15 severity -> enhancement for (maybe?) later resolution Removed from the tree. |