Summary: | <dev-libs/libzip-0.10.1 information leak and heap overflow (CVE-2012-{1162,1163}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Hanno Böck <hanno> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | ||
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B2 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Hanno Böck
![]() =dev-libs/libzip-0.10.1 is now in tree. + 21 Mar 2012; Johannes Huber <johu@gentoo.org> +libzip-0.10.1.ebuild: + Version bump. Upstream security bug fix release. Fixes CVE-2012-1162, + CVE-2012-1163. Bug #409117. Thanks, much. Arches, please test and mark stable: =dev-libs/libzip-0.10.1 Target keywords : "amd64 hppa ppc ppc64 x86" amd64 stable Stable for HPPA. ppc done x86 stable ppc64 done Thanks, everyone. Already on existing GLSA request which is ready for review. Thanks all. Affected version removed from tree. Remove kde from cc. This issue was resolved and addressed in GLSA 201203-23 at http://security.gentoo.org/glsa/glsa-201203-23.xml by GLSA coordinator Sean Amoss (ackle). |