Summary: | <media-libs/tiff-4.0.8: Multiple Vulnerabilities (CVE-2017-{7592,7593,7594}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | GLSAMaker/CVETool Bot <glsamaker> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | graphics+disabled |
Priority: | Normal | Keywords: | STABLEREQ |
Version: | unspecified | Flags: | stable-bot:
sanity-check+
|
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B2 [glsa cve] | ||
Package list: |
media-libs/tiff-4.0.8
|
Runtime testing required: | --- |
Bug Depends on: | |||
Bug Blocks: | 610330, 617996, 617998, 634784 |
Description
GLSAMaker/CVETool Bot
2017-05-16 06:19:16 UTC
commit fc2f6e62d508e8c39bd0de3fec2591394eb7f4a2 Author: Lars Wendler <polynomial-c@gentoo.org> Date: Mon May 22 09:32:13 2017 media-libs/tiff: Bump to version 4.0.8 Package-Manager: Portage-2.3.6, Repoman-2.3.2 Dunno if this version addresses all known vulnerabilites. Also, feel free to handle stabilization as required. All tests succeeded so I don't see any possible big issues arising with this version. Removing CVE-2017-5563 from this bug: It isn't clear if this was fixed. However, bmp2tiff utility is already removed, see https://bugs.gentoo.org/show_bug.cgi?id=585508#c1 @ Arches, please test and mark stable: =media-libs/tiff-4.0.8 amd64 stable ppc stable x86 stable ppc64 stable arm stable Stable on alpha. sparc stable ia64 stable Arches please finish stabilizing hppa. Gentoo Security Padawan ChrisADR New GLSA Request filed. It's been 4 months since stabilization request and there are several reports depending on this stabilization. @HPPA please finish stabilization. Gentoo Security Padawan ChrisADR This issue was resolved and addressed in GLSA 201709-27 at https://security.gentoo.org/glsa/201709-27 by GLSA coordinator Aaron Bauman (b-man). @maintainers, re-opened for cleanup and a chance for the remaining arches to catchup. Tests passed on hppa. stabled by jer (thanks to Rolf Eike Beer) @maintainer(s), please cleanup slot 0 |