Summary: | media-gfx/blender KML/KMZ Import Command Injection Vulnerability | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Executioner <keith> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | graphics+disabled, malverian |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://secunia.com/advisories/24232/ | ||
Whiteboard: | B2 [glsa] Executioner | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 167694 | ||
Bug Blocks: |
Description
Executioner
2007-03-01 17:01:36 UTC
(In reply to comment #0) > Solution: > Update to version 2.43, which no longer includes the affected script. blender-2.43 is broken (see Bug 167694); not really a solution. graphics any news on this one? graphics team please advise. If it's such a mess, then we'll have to mask it. It's about code injection, it's serious. I'm adding right now blender, people with amd64 please check it... (give me 1h to reshape the ebuild...) Luca, any news on this one? I still need somebody with amd64 to test the ebuild. the ebuild is in portage but masked because of that. Ahh no update to Changelog. Maybe just call amd64 to test? Should do. amd64 team please test blender-2.43 Tested on amd64 and removed from package.mask I guess we could ask for stabilization then ^^ Thx. Arches please test and mark stable. Target keywords are: blender-2.43.ebuild:KEYWORDS="amd64 ppc ppc64 ~sparc x86" amd64 stable x86 stable ppc64 stable ppc stable GLSA 200704-19 |