Summary: | dev-ruby/ruby-gtk2 <0.16.0-r2 "Gtk::MessageDialog.new()" Format String Vulnerability (CVE-2007-6183) | ||||||
---|---|---|---|---|---|---|---|
Product: | Gentoo Security | Reporter: | Lars Hartmann <lars> | ||||
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> | ||||
Status: | RESOLVED FIXED | ||||||
Severity: | normal | CC: | ruby | ||||
Priority: | High | ||||||
Version: | unspecified | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
URL: | http://secunia.com/advisories/27825/ | ||||||
Whiteboard: | B2 [glsa] | ||||||
Package list: | Runtime testing required: | --- | |||||
Attachments: |
|
Description
Lars Hartmann
2007-11-28 11:12:52 UTC
lets wait for upstream to provide a fixed release Created attachment 137213 [details, diff]
patch
maintainers - please advice and include that patch if possible We have split up the Ruby-Gnome2 stuff into several packages. The specific code is part of dev-ruby/ruby-gtk2-0.16-r1 and older releases. I have just added dev-ruby/ruby-gtk2-0.16-r2 to CVS which contains the patch that Lars appended. @Lars: thanks for digging it up and appending it. Please ping if you think it's ready for stabling. arches - please test this ebuild and mark it stable as necessary target Package: dev-ruby/ruby-gtk-0.16-r2 target Arches: x86,ppc,sparc,amd64,alpha,ppc64,hppa x86 stable I removed the arches that lacked a testing/stable version from the list: target Package: dev-ruby/ruby-gtk-0.16-r2 target Arches: x86(done) ppc,sparc,amd64,alpha amd64 stable ppc stable alpha/ia64/sparc stable and is not keyworded on mips, ready for glsa filed. GLSa 200712-09 Does not affect current (2008.0) release. Removing release. |