Summary: | <media-gfx/exiv2-0.24-r1: Buffer overflow vulnerability (CVE-2014-9449) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | GLSAMaker/CVETool Bot <glsamaker> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | pacho |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B2 [glsa cve] | ||
Package list: | Runtime testing required: | --- |
Description
GLSAMaker/CVETool Bot
2015-01-04 13:20:03 UTC
Fedora is applying this patch already: http://pkgs.fedoraproject.org/cgit/exiv2.git/plain/exiv2-0.24-CVE-2014-9449.patch *** Bug 526042 has been marked as a duplicate of this bug. *** (In reply to Pacho Ramos from comment #1) > Fedora is applying this patch already: > http://pkgs.fedoraproject.org/cgit/exiv2.git/plain/exiv2-0.24-CVE-2014-9449. > patch Thanks. + + 20 Jan 2015; Johannes Huber <johu@gentoo.org> +exiv2-0.24-r1.ebuild, + +files/exiv2-0.24-CVE-2014-9449.patch: + Revision bump adds patch from fedora to fix CVE-2014-9449, bug #534608. Thanks + to Pacho Ramos <pacho@gentoo.org> for spotting the patch. + Arches please stabilize =media-gfx/exiv2-0.24-r1 amd64 stable x86 stable Stable for HPPA. alpha stable arm stable ppc stable sparc stable ppc64 stable ia64 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one. Maintainer(s), Thank you for you for cleanup. New GLSA Request filed. Maintainer(s), please drop the vulnerable version(s). Cleanup done by Manuel. Removing maintainer from cc then. + + 30 May 2015; Manuel RĂ¼ger <mrueg@gentoo.org> -exiv2-0.23-r1.ebuild, + -exiv2-0.23-r2.ebuild, -exiv2-0.24.ebuild: + Remove old. + Maintainer(s), Thank you for you for cleanup. This issue was resolved and addressed in GLSA 201507-03 at https://security.gentoo.org/glsa/201507-03 by GLSA coordinator Mikle Kolyada (Zlogene). |