Summary: | <app-office/pinpoint-0.1.8-r1: integer overflow (CVE-2013-7447) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Kristian Fiskerstrand (RETIRED) <k_f> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | gnome |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugzilla.gnome.org/show_bug.cgi?id=762029 | ||
Whiteboard: | B3 [noglsa cve] | ||
Package list: |
app-office/pinpoint-0.1.8-r1
|
Runtime testing required: | --- |
Bug Depends on: | |||
Bug Blocks: | 574372 |
Description
Kristian Fiskerstrand (RETIRED)
![]() @gnome could you confirm if package still vulnerable? Thank you, Gentoo Security Padawan ChrisADR (In reply to Christopher Díaz Riveros from comment #1) > @gnome could you confirm if package still vulnerable? > > Thank you, > > Gentoo Security Padawan > ChrisADR It is still vulnerable based on the upstream code in pinpoint-0.1.8 and the suggested patch referenced in the tracking bug. [master 5dd55b83cc7] app-office/pinpoint: Fix CVE-2013-7447 (#574384) 2 files changed, 83 insertions(+) create mode 100644 app-office/pinpoint/files/pinpoint-0.1.8-CVE-2013-7447.patch create mode 100644 app-office/pinpoint/pinpoint-0.1.8-r1.ebuild And it seems to still work for me x86 stable The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=58d6e1dd9160691073e81d4f7d2a25bf9be4f834 commit 58d6e1dd9160691073e81d4f7d2a25bf9be4f834 Author: Aaron Bauman <bman@gentoo.org> AuthorDate: 2018-03-30 13:21:20 +0000 Commit: Aaron Bauman <bman@gentoo.org> CommitDate: 2018-03-30 13:32:10 +0000 app-office/pinpoint: amd64 stable Bug: https://bugs.gentoo.org/574384 Package-Manager: Portage-2.3.26, Repoman-2.3.7 app-office/pinpoint/pinpoint-0.1.8-r1.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)} The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a4ea394ad712beac42dd44aea9225a14efcc194d commit a4ea394ad712beac42dd44aea9225a14efcc194d Author: Aaron Bauman <bman@gentoo.org> AuthorDate: 2018-04-03 19:09:25 +0000 Commit: Aaron Bauman <bman@gentoo.org> CommitDate: 2018-04-03 19:09:25 +0000 app-office/pinpoint: drop vulnerable Bug: https://bugs.gentoo.org/574384 Package-Manager: Portage-2.3.28, Repoman-2.3.9 app-office/pinpoint/pinpoint-0.1.8.ebuild | 47 ------------------------------- 1 file changed, 47 deletions(-)} |