Summary: | <net-misc/nxnode-3.5.0.4, <net-misc/nxserver-freeedition-3.5.0.5: local command injection vulnerability (CVE-2011-3977) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Bernard Cafarelli <voyageur> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | nx |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.nomachine.com/news-read.php?idnews=352 | ||
Whiteboard: | B2 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Bernard Cafarelli
2011-08-08 14:53:33 UTC
Thanks for the great detail, Bernard. Arches, please test and mark stable: =net-misc/nxclient-3.5.0.7 Target keywords : "amd64 x86" =net-misc/nxnode-3.5.0.4 Target keywords : "amd64 x86" =net-misc/nxserver-freeedition-3.5.0.5 Target keywords : "amd64 x86" x86 stable Take a look at bug 379959 that can't block this stabilization. amd64 ok all emerges and works amd64 done. Thanks Agostino and Ian Thanks, folks. GLSA request filed. Vulnerable versions removed from tree (thanks ago for the reminder in bug #384097) This issue was resolved and addressed in GLSA 201201-07 at http://security.gentoo.org/glsa/glsa-201201-07.xml by GLSA coordinator Sean Amoss (ackle). |