Summary: | <net-irc/irssi-0.8.21: multiple vulnerabilities (CVE-2017-{5193,5194,9195,9196}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Hanno Böck <hanno> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | monsieurp, swegener |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://irssi.org/security/irssi_sa_2017_01.txt | ||
Whiteboard: | B2 [glsa cve cleanup] | ||
Package list: |
=net-irc/irssi-0.8.21
|
Runtime testing required: | --- |
Description
Hanno Böck
2017-01-05 17:40:54 UTC
<hat type="infra"> I have bumped the ebuild for irssi-0.8.21, to deploy it on infra. I did not do the 1.0.0 major bump. Had started on it before this bug was filed, because upstream had pinged infra about the bump. </hat> ebuild irssi-0.8.21 is in portage, we can close this as "fixed"? or why not also add to version 1.0? (In reply to tman from comment #2) > ebuild irssi-0.8.21 is in portage, we can close this as "fixed"? or why not > also add to version 1.0? v0.8.21 is sufficient to address these vulnerabilities in Gentoo. Please read https://www.gentoo.org/support/security/vulnerability-treatment-policy.html to learn more about how Gentoo treats vulnerabilities and why this bug can't be closed as resolved yet. @ Maintainer(s): Please test and mark stable: =net-irc/irssi-0.8.21 CVEs were assigned: http://www.openwall.com/lists/oss-security/2017/01/06/1 amd64 stable Stable on alpha Stable for PPC64. x86 stable sparc stable arm stable Stable for HPPA. ppc stable ia64 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one. GLSA request filed. This issue was resolved and addressed in GLSA 201701-45 at https://security.gentoo.org/glsa/201701-45 by GLSA coordinator Thomas Deutschmann (whissi). |