Summary: | <net-libs/nghttp2-1.6.0: Heap-use-after-free (CVE-2015-8659) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Hanno Böck <hanno> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | vapier |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://nghttp2.org/blog/2015/12/23/nghttp2-v1-6-0/ | ||
Whiteboard: | B3 [glsa cve] | ||
Package list: | Runtime testing required: | --- |
Description
Hanno Böck
2015-12-23 16:50:31 UTC
1.6.0 is already in the tree is ready to go to stable? probably. no one has complained thus far. Arches, please test and mark stable: =net-libs/nghttp2-1.6.0 Target Keywords : "alpha amd64 arm hppa ia64 ppc ppc64 sparc x86" Thank you! amd64 stable x86 stable Stable for HPPA PPC64. ppc stable sparc stable alpha stable ia64 stable all arches done now Arches and Maintainer(s), Thank you for your work. New GLSA Request filed. This issue was resolved and addressed in GLSA 201612-06 at https://security.gentoo.org/glsa/201612-06 by GLSA coordinator Aaron Bauman (b-man). |