Summary: | <app-admin/abrt-2.10.9: abrt-hook-ccpp writes core dumps to existing files owned by others | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | gnome |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugzilla.redhat.com/show_bug.cgi?id=1212818 | ||
Whiteboard: | B3 [noglsa cve] | ||
Package list: |
=dev-libs/satyr-0.26
=dev-libs/libreport-2.9.5
=dev-python/humanize-0.5.1
=app-admin/abrt-2.10.10-r2
|
Runtime testing required: | Yes |
Bug Depends on: | 451742 | ||
Bug Blocks: |
Description
Agostino Sarubbo
2015-04-17 12:42:03 UTC
@ Maintainer(s): To fix this vulnerability you have to bump at least to =app-admin/abrt-2.1.11-20.el7 (which matches to the version required for bug 546798). The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=48ba7760fa6b26b4413be0125a7c9517f9bce8cb commit 48ba7760fa6b26b4413be0125a7c9517f9bce8cb Author: Aaron Bauman <bman@gentoo.org> AuthorDate: 2018-05-23 22:43:42 +0000 Commit: Aaron Bauman <bman@gentoo.org> CommitDate: 2018-05-23 22:43:42 +0000 app-admin/abrt: bumpity bump bump Bug: https://bugs.gentoo.org/546798 Bug: https://bugs.gentoo.org/546912 Closes: https://bugs.gentoo.org/451742 Package-Manager: Portage-2.3.38, Repoman-2.3.9 app-admin/abrt/Manifest | 1 + app-admin/abrt/abrt-2.10.9.ebuild | 113 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 114 insertions(+) @arches, please stabilize. An automated check of this bug failed - repoman reported dependency errors (22 lines truncated):
> dependency.bad app-admin/abrt/abrt-2.10.10-r2.ebuild: RDEPEND: amd64(default/linux/amd64/17.0) ['dev-python/humanize[python_targets_python3_4(-)?,python_targets_python3_5(-)?,python_targets_python3_6(-)?,-python_single_target_jython2_7(-),-python_single_target_pypy(-),-python_single_target_pypy3(-),-python_single_target_python2_7(-),-python_single_target_python3_7(-),python_single_target_python3_4(+)?,python_single_target_python3_5(+)?,python_single_target_python3_6(+)?]']
> dependency.bad app-admin/abrt/abrt-2.10.10-r2.ebuild: RDEPEND: amd64(default/linux/amd64/17.0/desktop) ['dev-python/humanize[python_targets_python3_4(-)?,python_targets_python3_5(-)?,python_targets_python3_6(-)?,-python_single_target_jython2_7(-),-python_single_target_pypy(-),-python_single_target_pypy3(-),-python_single_target_python2_7(-),-python_single_target_python3_7(-),python_single_target_python3_4(+)?,python_single_target_python3_5(+)?,python_single_target_python3_6(+)?]']
> dependency.bad app-admin/abrt/abrt-2.10.10-r2.ebuild: RDEPEND: amd64(default/linux/amd64/17.0/desktop/gnome) ['dev-python/humanize[python_targets_python3_4(-)?,python_targets_python3_5(-)?,python_targets_python3_6(-)?,-python_single_target_jython2_7(-),-python_single_target_pypy(-),-python_single_target_pypy3(-),-python_single_target_python2_7(-),-python_single_target_python3_7(-),python_single_target_python3_4(+)?,python_single_target_python3_5(+)?,python_single_target_python3_6(+)?]']
x86 stable amd64 stable @gnome, please clean vulnerable. yoooooo Gnome peoples... I knew you are the co-maintainer :D (In reply to Mart Raudsepp from comment #9) > I knew you are the co-maintainer :D Hah! I just helped out in bumping it... so we could close old sec bugs. |