Summary: | <net-libs/openslp-2.0.0-r2: null pointer dereference | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | ||
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.openwall.com/lists/oss-security/2016/05/18/1 | ||
Whiteboard: | B3 [glsa cve] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 595542 | ||
Bug Blocks: |
Description
Agostino Sarubbo
2016-05-18 10:31:06 UTC
Fedora patch @ https://pkgs.fedoraproject.org/cgit/rpms/openslp.git/plain/openslp-2.0.0-null-pointer-deref.patch commit a5ebb986de32e702fece9392cc511a6e2d31f08a Author: Andreas K. Hüttel <dilfridge@gentoo.org> Date: Sat Feb 18 14:01:53 2017 +0100 net-libs/openslp: EAPI bump, add Fedora patch for CVE 2016-4912 Package-Manager: Portage-2.3.3, Repoman-2.3.1 net-libs/openslp/files/openslp-2.0.0-CVE-2016-4912.patch | 15 +++++++++++++++ net-libs/openslp/openslp-2.0.0-r2.ebuild | 42 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 57 insertions(+) Added the patch from Fedora. Since 2.0.0 is only freshly rekeyworded we should probably wait a bit now. Maintainer(s), please advise if you are ready for stabilization or call for stabilization yourself. Added to an existing GLSA. Nothing to do for printing here anymore. This issue was resolved and addressed in GLSA 201707-05 at https://security.gentoo.org/glsa/201707-05 by GLSA coordinator Thomas Deutschmann (whissi). |