Summary: | sys-apps/shadow utmp group symlink attack (CVE-2008-5394) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Robert Buchholz (RETIRED) <rbu> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | flameeyes |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505271 | ||
Whiteboard: | B3 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Robert Buchholz (RETIRED)
2008-12-17 16:02:33 UTC
this is already fixed in shadow 4.1.2.2 ... i dont know of any reason to keep it from going stable base-system, please advice. Nothing against it going stable either, it's clear from the PAM standpoint. Arches, please test and mark stable: =sys-apps/shadow-4.1.2.2 Target keywords : "alpha amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc x86" amd64/x86 stable ppc64 done Stable on alpha. Sparc stable. Stable for HPPA. ppc stable ia64 stable, and the other arches are done vote: YES Yes, too. Request filed. GLSA 200903-24 |