Summary: | net-misc/curl <7.19.4 Arbitrary File Access (CVE-2009-0037) | ||||||
---|---|---|---|---|---|---|---|
Product: | Gentoo Security | Reporter: | Robert Buchholz (RETIRED) <rbu> | ||||
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> | ||||
Status: | RESOLVED FIXED | ||||||
Severity: | normal | CC: | dragonheart | ||||
Priority: | High | ||||||
Version: | unspecified | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
URL: | http://curl.haxx.se/mail/archive-2009-03/0010.html | ||||||
Whiteboard: | A3 [glsa] | ||||||
Package list: | Runtime testing required: | --- | |||||
Attachments: |
|
Description
Robert Buchholz (RETIRED)
2009-02-26 11:01:08 UTC
dragonheart/loki_val: Can you attach an ebuild applying the appropriate patch to this bug, so we can do prestable testing before the deadline here? Do not commit anything to CVS! Created attachment 183256 [details] curl-7.19.3-r1.ebuild cvs ebuild patch for ${FILESDIR} is http://curl.haxx.se/CVE-2009-0037/curl-CVSHEAD-CVE-2009-0037.patch i'll change it back to a tarball for the release. Arch Security Liaisons, please test the attached ebuild and report it stable on this bug. Target keywords : "alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86" CC'ing current Liaisons: alpha : yoswink, armin76 amd64 : keytoaster, tester hppa : jer ppc : dertobi123 ppc64 : corsair sparc : fmccor x86 : maekke, armin76 sparc looks good with the patch (tests run with no failures). amd64 seems fine: TESTDONE: 439 tests out of 439 reported OK: 100% TESTDONE: 526 tests were considered during 1040 seconds. HPPA is OK. Looks okay on alpha/arm/ia64/s390/sh/x86 This is public now, please commit the ebuild and mark it stable for the arches that approved. Thanks! added 7.19.4 and remaining arches ppc64 done tested - comment 5 thanks Tobias ppc stable, sorry for the delay. GLSA request filed. GLSA 200903-21, thanks everyone. |