Summary: | <net-firewall/firewalld-0.4.3.3: Firewall configuration can be modified by any logged in user (CVE-2016-5410) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | virtualization |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.openwall.com/lists/oss-security/2016/08/16/3 | ||
Whiteboard: | B2 [glsa cve] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2016-08-17 11:52:16 UTC
Fixed in: 0.4.3.3 Vulnerable version left in tree: 0.3.13 commit 997165cd4bf00585c5579a29997d2246786c8dfd Author: Matthias Maier <tamiko@gentoo.org> Date: Wed Aug 17 08:44:32 2016 -0500 net-firewall/firewalld: drop vulnerable 0.4.2-r1, bug #591458 Package-Manager: portage-2.2.28 commit fa9ddf5093c3c25d62058128b868307b04dfe059 Author: Matthias Maier <tamiko@gentoo.org> Date: Wed Aug 17 08:43:47 2016 -0500 net-firewall/firewalld: version bump to 0.4.3.3 (CVE-2016-5410), bug #591458 Version 0.4.3.3 contains upstream fixes for CVE-2016-5410 Package-Manager: portage-2.2.28 Arches, please stabilize =net-firewall/firewalld-0.4.3.3 Target keywords: "amd64 x86" amd64 stable x86 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one. commit 19e332c3aca10d0c1693f50a4811bc07cef9fab6 Author: Matthias Maier <tamiko@gentoo.org> Date: Thu Sep 29 08:53:08 2016 -0500 net-firewall/firewalld: drop vulnerable, bug #591458 Package-Manager: portage-2.3.0 This issue was resolved and addressed in GLSA 201701-70 at https://security.gentoo.org/glsa/201701-70 by GLSA coordinator Thomas Deutschmann (whissi). |