Bug 250554 (CVE-2008-5368)

Comment 1 Stefan Behte (RETIRED) 2009-01-05 21:48:52 UTC

*ping*

Comment 2 Stefan Behte (RETIRED) 2009-01-14 12:33:02 UTC

0.73 has fixed the symlink attack. It's available on sf.net.

Comment 3 Stefan Behte (RETIRED) 2009-01-15 01:31:14 UTC

It's not viewable on http://muttprint.sourceforge.net, so here is the link:
http://sourceforge.net/project/showfiles.php?group_id=33943

Comment 4 Torsten Veller (RETIRED) 2009-03-09 15:48:42 UTC

0.72d-r1 is a patched version.

Comment 5 Robert Buchholz (RETIRED) 2009-03-09 16:10:31 UTC

Arches, please test and mark stable:
=app-misc/muttprint-0.72d-r1
Target keywords : "alpha amd64 ia64 ppc ppc64 x86"

Comment 6 Markus Meier 2009-03-09 21:14:06 UTC

amd64/x86 stable

Comment 7 Brent Baude (RETIRED) 2009-03-11 13:56:57 UTC

ppc64 done

Comment 8 Tobias Klausmann (RETIRED) 2009-03-11 18:41:14 UTC

Stable on alpha.

Comment 9 Raúl Porcel (RETIRED) 2009-03-13 16:44:05 UTC

ia64 stable

Comment 10 Brent Baude (RETIRED) 2009-03-18 22:16:26 UTC

ppc done

Comment 11 Tobias Heinlein (RETIRED) 2009-03-22 20:16:46 UTC

Ready for vote, I vote YES.

Comment 12 Alex Legler (RETIRED) 2009-03-22 20:25:07 UTC

YES too, request filed

Comment 13 Pierre-Yves Rofes (RETIRED) 2009-03-23 21:59:05 UTC

GLSA 200903-35