Summary: | sys-apps/coreutils distcheck (dist-check.mk) symlink attack (CVE-2009-4135) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Stefan Behte (RETIRED) <craig> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED INVALID | ||
Severity: | minor | CC: | base-system |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugzilla.redhat.com/show_bug.cgi?id=545439 | ||
Whiteboard: | B3 [stable?] | ||
Package list: | Runtime testing required: | --- |
Description
Stefan Behte (RETIRED)
2009-12-18 01:17:12 UTC
base-system: what are your plans for stabilizaton of 8.2, what do you think about backporting? Patch: http://git.savannah.gnu.org/cgit/coreutils.git/commit/?id=ae034822c535fa5 why would any distro care about security issues in the distcheck rule ? no one runs it, only the person upstream creating the release does. I'm not into autobuild, so this didn't ring a bell and I thought base-system might use it. Thanks for the elaboration. |