Summary: | www-apps/roundup < 1.4.4-r1 does not check property permissions (CVE-2008-1475) | ||||||
---|---|---|---|---|---|---|---|
Product: | Gentoo Security | Reporter: | Lars Hartmann <lars> | ||||
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> | ||||
Status: | RESOLVED FIXED | ||||||
Severity: | minor | ||||||
Priority: | High | ||||||
Version: | unspecified | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
URL: | http://secunia.com/advisories/29336 | ||||||
Whiteboard: | B4 [glsa] | ||||||
Package list: | Runtime testing required: | --- | |||||
Attachments: |
|
Description
Lars Hartmann
2008-03-25 10:20:26 UTC
Created attachment 147233 [details, diff]
patch
maintainers - please provide an updated ebuild 1.4.4-r1 in cvs Arches, please test and mark stable www-apps/roundup-1.4.4-r1 target : "amd64 ppc release sparc x86" x86 stable amd64 stable Sparc stable. ppc stable Removed vulnerable version. webapps done. Time for GLSA decision. I vote YES. Fixed in release snapshot. Voting YES and filing request. GLSA 200805-21 |