Summary: | <app-arch/cabextract-1.5: directory traversal with UTF-8 symbols in filenames (CVE-2015-2060) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | fonts |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugzilla.redhat.com/show_bug.cgi?id=1193952 | ||
Whiteboard: | B4 [noglsa] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2015-02-19 09:20:35 UTC
+ 29 Mar 2015; Ben de Groot <yngwin@gentoo.org> +cabextract-1.6.ebuild, + -cabextract-1.3.ebuild, cabextract-1.4.ebuild, metadata.xml: + Version bump, which fixes security bugs #538152 and #540626. Bump EAPI. Rename + extra-tools useflag to extras (bug #411643). Remove old. Not sure if this and bug #538152 can be considered a duplicates? One GLSA should probably be enough to cover this. STABLEREQ in bug 538152 GLSA Vote: No NO too, closing. |