Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 620104

Summary: net-misc/smb4k-2.0.1 version bump
Product: Gentoo Linux Reporter: Per Pomsel <phantom4>
Component: Current packagesAssignee: Gentoo KDE team <kde>
Status: RESOLVED OBSOLETE    
Severity: normal    
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description Per Pomsel 2017-05-29 11:35:50 UTC 
Version 2.0.1 of Smb4K is out.
Comment 1 Andreas Sturmlechner gentoo-dev 2017-05-29 12:10:36 UTC 
Not really necessary, 2.0.0-r1 already contains the security fix as the single change.
Comment 2 Andreas Sturmlechner gentoo-dev 2017-05-29 20:55:46 UTC 
Single commit between 2.0.1 and 2.0.0: https://cgit.kde.org/smb4k.git/log/?h=2.0.1

commit 383caa8657288b58c9851b69051fae01f73816c5

    Find the mount/umount commands in the helper
    instead of trusting what we get passed in
    CVE-2017-8849

See also in Gentoo:

commit d39d7aa14725bc031c1e1b588b7dafa9198111bd

    net-misc/smb4k: Security revbump
    
    Fixes CVE-2017-8849
    Gentoo-bug: 618106

 net-misc/smb4k/files/smb4k-1.2.3-CVE-2017-8849.patch | 365 
 net-misc/smb4k/files/smb4k-2.0.0-CVE-2017-8849.patch | 361 
 net-misc/smb4k/smb4k-1.2.3-r1.ebuild                 |  29 
 net-misc/smb4k/smb4k-2.0.0-r1.ebuild                 |  50