Summary: | media-sound/bladeenc: global buffer overflow write | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | ajak, fordfrog, sound |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://blogs.gentoo.org/ago/2017/09/19/bladeenc-global-buffer-overflow-in-iteration_loop-loop-c/ | ||
Whiteboard: | B2 [glsa+ cve] | ||
Package list: | Runtime testing required: | --- | |
Deadline: | 2021-05-29 |
Description
Agostino Sarubbo
2017-09-19 07:57:04 UTC
Maintainer(s): Ping. bladeenc's homepage seems to be gone for a long time. It looks like few others have this package, it may be time to think of last-riting it. The only reverse dependency FWICS is media-sound/rip, last update early 2003. masked for removal The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=310d4c6c60f74d21bbbccaadf637ee218b9539b0 commit 310d4c6c60f74d21bbbccaadf637ee218b9539b0 Author: Jakov Smolic <jakov.smolic@sartura.hr> AuthorDate: 2021-05-26 09:31:29 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2021-05-26 12:34:04 +0000 media-sound/bladeenc: Remove last-rited pkg Bug: https://bugs.gentoo.org/631394 Signed-off-by: Jakov Smolic <jakov.smolic@sartura.hr> Signed-off-by: Sam James <sam@gentoo.org> media-sound/bladeenc/Manifest | 1 - media-sound/bladeenc/bladeenc-0.94.2-r1.ebuild | 15 --------------- media-sound/bladeenc/files/bladeenc-0.94.2-secfix.diff | 11 ----------- media-sound/bladeenc/metadata.xml | 8 -------- profiles/package.mask | 6 ------ 5 files changed, 41 deletions(-) New GLSA request filed This issue was resolved and addressed in GLSA 202107-18 at https://security.gentoo.org/glsa/202107-18 by GLSA coordinator John Helmert III (ajak). |