Summary: | app-arch/libarchive (former app-arch/bsdtar): multiple vulnerabilities | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | Gentoo Security | Reporter: | Diego Elio Pettenò (RETIRED) <flameeyes> | ||||||
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> | ||||||
Status: | RESOLVED FIXED | ||||||||
Severity: | normal | CC: | esigra, uberlord | ||||||
Priority: | High | ||||||||
Version: | unspecified | ||||||||
Hardware: | All | ||||||||
OS: | All | ||||||||
Whiteboard: | B2? [glsa] DerCorny | ||||||||
Package list: | Runtime testing required: | --- | |||||||
Attachments: |
|
Description
Diego Elio Pettenò (RETIRED)
2007-07-11 19:06:36 UTC
yes, please provide some ebuilds and attach them here, dont commit yet (unless this goes public faster than you are) Created attachment 124629 [details, diff]
libarchive-6stable.patch
Patch (updated from the second mail, with Matt Dillon's fix).
Created attachment 124630 [details]
bsdtar-2.2.3-r1.ebuild
*** Bug 185085 has been marked as a duplicate of this bug. *** public I suppose that at this point we could mark 2.2.4 stable and be done with it (I'll add a 2.2.4-r1 to fix a bug, but that's not urgent). amd64, please test and stable bsdtar-2.2.4 (or, even better, 2.2.4-r1 if it's around when you stable) (In reply to comment #7) > amd64, please test and stable bsdtar-2.2.4 (or, even better, 2.2.4-r1 if it's > around when you stable) > done The package was renamed today (to avoid publishing a glsa bound to be invalidated by the move). that was GLSA 200708-03, thanks everybody! |