Bug 509672

Summary:	net-firewall/fwknop-2.6.2 version bump / pkgmove
Product:	Gentoo Linux	Reporter:	Coacher <itumaykin+gentoo>
Component:	Current packages	Assignee:	Sven Vermeulen (RETIRED) <swift>
Status:	RESOLVED FIXED
Severity:	normal	CC:	proxy-maint
Priority:	Normal
Version:	unspecified
Hardware:	All
OS:	Linux
URL:	https://github.com/mrash/fwknop/releases/tag/2.6.2
Whiteboard:
Package list:		Runtime testing required:	---
Bug Depends on:	178546
Bug Blocks:

Description Coacher 2014-05-06 09:31:08 UTC

Hello.

fwknop reached version 2.6.2 recently. This release brings fix for a double free bug when using GPG backend.

Related part of Changelog:

fix double free bug in SPA parser discovered with the new
python SPA payload fuzzer [...]. This bug could be triggered
in fwknopd with a malicious SPA payload, but only when GnuPG is used and
when an attacker is in possession of valid GnuPG keys listed in the
access.conf file. In other words, an arbitrary attacker cannot trigger
this bug.


@proxy-maint, please increment version of the current fwknop-2.6.1 ebuild in tree.
fwknop-2.6.2 should replace fwknop-2.6.1, i.e. please also remove old fwknop-2.6.1 ebuild after it is replaced with the 2.6.2 one. Thanks.

Reproducible: Always

Comment 1 Sven Vermeulen (RETIRED) gentoo-dev

2014-05-28 16:20:12 UTC

Thanks, bumped.

Comment 2 Coacher 2014-05-31 23:05:54 UTC

Thanks for bump. But what about pkgmove?

Comment 3 Sven Vermeulen (RETIRED) gentoo-dev

2014-06-01 12:25:16 UTC

What pkgmove?

Comment 4 Coacher 2014-06-01 13:23:57 UTC

(In reply to Sven Vermeulen from comment #3)
> What pkgmove?

Change category from net-firewall/ to net-misc/. See also https://bugs.gentoo.org/show_bug.cgi?id=178546#c26

Comment 5 Coacher 2014-06-01 20:02:46 UTC

pkgmove considered unneeded after discussion with @proxy-main team. Closing.