Summary: | <net-misc/tigervnc-1.4.2: Integer overflow vulnerability (CVE-2014-8240) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | GLSAMaker/CVETool Bot <glsamaker> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | maintainer-needed, n32 |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B2 [glsa cve] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 539772, 567324 | ||
Bug Blocks: |
Description
GLSAMaker/CVETool Bot
2015-01-04 21:26:28 UTC
*** Bug 538416 has been marked as a duplicate of this bug. *** Any progress? 1.4 solves also #480124. 1.4.2 is out. https://github.com/TigerVNC/tigervnc/releases Added 1.3.1-r3, 1.3.1-r4. -r3 should be the target. But -r3 can be skipped if -r4 is done with bug 530652. Where? And I'd be happier if you added 1.4.2. It's already there (it wasn't when I looked). 1.3.1-r3 builds fine, 1.3.1-r4 needs resolving the mentioned bug. Unfortunatelly it doesn't solve bug 480124. Could you add 1.4.2? As Perfect Gentleman in Comment 3 mentioned, it's out. Many thanks in advance. (In reply to Jan Sever from comment #6) > It's already there (it wasn't when I looked). 1.3.1-r3 builds fine, 1.3.1-r4 > needs resolving the mentioned bug. Unfortunatelly it doesn't solve bug > 480124. Could you add 1.4.2? As Perfect Gentleman in Comment 3 mentioned, > it's out. > > Many thanks in advance. The version bump is being handled in bug 539714 New GLSA created. This issue was resolved and addressed in GLSA 201612-36 at https://security.gentoo.org/glsa/201612-36 by GLSA coordinator Aaron Bauman (b-man). |