Summary: | sys-apps/findutils: memory corruption flaw in parse_datetime() though embedded gnulib (CVE-2014-9471) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Thomas Deutschmann (RETIRED) <whissi> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | base-system |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | A2 [upsteam] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 600518 |
Description
Thomas Deutschmann (RETIRED)
2016-11-22 22:20:47 UTC
i don't know the specific version this fix started in, but 4.4.x didn't import this module, and 4.5.14+ includes the fix (Apr 2014), and 4.6.0 has been stable for a while now. |