Summary: | <app-text/a2ps-4.14-r6 : insecure temporary file use (CVE-2001-1593) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | cjk |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B4 [noglsa cve] | ||
Package list: |
=app-text/a2ps-4.14-r6
|
Runtime testing required: | --- |
Description
Agostino Sarubbo
2014-04-07 09:13:42 UTC
A patch is available here: https://bugs.debian.org/cgi-bin/bugreport.cgi?filename=a2ps-4.14-1.3-nmu.diff;att=1;bug=742902;msg=12 @ Maintainer(s): Upstream didn't work on the project since 2007. So let's add Debian's patch to get rid of this vulnerability. I prepared https://github.com/gentoo/gentoo/pull/3579 -- Please comment/approve/decline. Approved and applied. Thanks! commit 1802efb0b659c231f5e3c7c9e275603e6ae3c585 Author: Matthias Maier <tamiko@gentoo.org> Date: Mon Jan 23 21:06:31 2017 -0600 app-text/a2ps: drop vulnerable, bug #507024 Package-Manager: Portage-2.3.0, Repoman-2.3.1 commit d78cf9b0a31ec3209bdc43b2dcabe0606ff6af13 Author: Thomas Deutschmann <whissi@gentoo.org> Date: Sat Jan 21 17:28:53 2017 +0100 app-text/a2ps: Add patch for CVE-2001-1593 (bug #507024) Package-Manager: Portage-2.3.3, Repoman-2.3.1 Signed-off-by: Matthias Maier <tamiko@gentoo.org> @arches, please stabilize. Stable for HPPA PPC64. amd64 stable x86 stable Stable on alpha. sparc stable ppc stable ia64 stable arm stable, all arches done. @maintainer(s), please clean the vulnerable version. GLSA Vote: No Cleanup done Repository is clean, all done. |