Bug 352608 (CVE-2010-3362)

Summary:	<media-sound/lastfmplayer-1.5.4.26862-r3 unsafe LD_LIBRARY_PATH (CVE-2010-3362)
Product:	Gentoo Security	Reporter:	Markos Chandras (RETIRED) <hwoarang>
Component:	Vulnerabilities	Assignee:	Gentoo Security <security>
Status:	RESOLVED FIXED
Severity:	normal
Priority:	High
Version:	unspecified
Hardware:	All
OS:	Linux
URL:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3362
Whiteboard:	B2 [glsa]
Package list:		Runtime testing required:	---

Description Markos Chandras (RETIRED) gentoo-dev

2011-01-24 16:18:05 UTC

Security problem. See $URL

Please stabilize ASAP

Last arch please remove affected (-r2) ebuild

Thank you

Comment 1 Agostino Sarubbo gentoo-dev

2011-01-24 18:05:16 UTC

amd64 ok

Comment 2 Markos Chandras (RETIRED) gentoo-dev

2011-01-24 18:18:02 UTC

amd64 done. Thanks Agostino

Comment 3 Kacper Kowalik (Xarthisius) (RETIRED) gentoo-dev

2011-01-24 22:16:53 UTC

ppc stable

Comment 4 Christian Faulhammer (RETIRED) gentoo-dev

2011-01-25 12:39:17 UTC

stable x86

Comment 5 Markus Meier gentoo-dev

2011-02-05 12:17:34 UTC

no previous stable for arm, so we're done here.

Comment 6 Tim Sammut (RETIRED) gentoo-dev

2011-02-07 05:24:48 UTC

Thanks, folks. GLSA request filed.

Comment 7 Alex Legler (RETIRED) archtester

2012-11-09 18:19:13 UTC

nothing to stable here, glsa pending.

Comment 8 Justin Lecher (RETIRED) gentoo-dev

2013-08-14 09:59:46 UTC

(In reply to Alex Legler from comment #7)
> nothing to stable here, glsa pending.

still pending?

Comment 9 Markos Chandras (RETIRED) gentoo-dev

2014-11-15 11:18:38 UTC

ping

Comment 10 Mikle Kolyada (RETIRED) archtester

2014-11-18 07:53:01 UTC

This bug is too old. We will not produce glsa here.

Comment 11 Yury German Gentoo Infrastructure

2014-12-07 21:13:20 UTC

Setting back open for master GLSA

Comment 12 GLSAMaker/CVETool Bot gentoo-dev

2014-12-12 00:36:31 UTC

This issue was resolved and addressed in
 GLSA 201412-09 at http://security.gentoo.org/glsa/glsa-201412-09.xml
by GLSA coordinator Sean Amoss (ackle).