Bug 308075 (CVE-2010-0792)

Comment 1 Diego Elio Pettenò (RETIRED) 2010-03-10 01:43:10 UTC

Security, 3.0.5 is in tree now.

Only bad note on that is that it depends on a newly-added pambase, but since I only changed the system-services stack it should be fine to go stable as it is even right now.

Thanks!

Comment 2 Diego Elio Pettenò (RETIRED) 2010-03-11 13:31:36 UTC

3.0.5-r1 is the stable candidate if security wants a new stable.

Comment 3 Stefan Behte (RETIRED) 2010-03-18 00:07:33 UTC

Arches, please test and mark stable:
=sys-process/fcron-3.0.5-r2
Target keywords : "amd64 hppa ppc sparc x86"

Comment 4 Christian Faulhammer (RETIRED) 2010-03-18 16:35:42 UTC

x86 stable

Comment 5 Brent Baude (RETIRED) 2010-03-23 20:01:19 UTC

this deps a non-stable version of pambase for most arches.  advice?

Comment 6 Jeroen Roovers (RETIRED) 2010-03-24 05:53:51 UTC

Stable for HPPA.

Comment 7 Markus Meier 2010-03-29 21:47:45 UTC

amd64 stable

Comment 8 Raúl Porcel (RETIRED) 2010-04-04 19:09:57 UTC

sparc stable

Comment 9 Brent Baude (RETIRED) 2010-04-15 15:09:16 UTC

ppc done; closing as last arch

Comment 10 Diego Elio Pettenò (RETIRED) 2010-04-15 15:15:12 UTC

Reopening, this is a security bug.

Comment 11 Stefan Behte (RETIRED) 2010-05-22 11:13:38 UTC

GLSA vote: yes

Comment 12 Tobias Heinlein (RETIRED) 2010-08-14 14:44:18 UTC

YES too, request filed.

3.0.5-r2 is the oldest available version in the tree. Is there still a need for a GLSA ?

Comment 14 Stefan Behte (RETIRED) 2011-02-22 21:51:06 UTC

Yes.

Comment 15 GLSAMaker/CVETool Bot 2013-11-25 17:53:41 UTC

This issue was resolved and addressed in
 GLSA 201311-16 at http://security.gentoo.org/glsa/glsa-201311-16.xml
by GLSA coordinator Sergey Popov (pinkbyte).