Summary: | <net-misc/rsync-3.1.2-r2: Multiple vulnerabilities (CVE-2017-{17433,17434}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | GLSAMaker/CVETool Bot <glsamaker> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | base-system |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | A3 [glsa+ cve] | ||
Package list: |
=net-misc/rsync-3.1.2-r2
|
Runtime testing required: | --- |
Bug Depends on: | |||
Bug Blocks: | 636714 |
Description
GLSAMaker/CVETool Bot
2017-12-10 16:58:00 UTC
@Maintainers please confirm if we are affected. Call for stabilization when ready, please. Thank you The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c1dd842d0104a10bfe6778597676aaa139f8d360 commit c1dd842d0104a10bfe6778597676aaa139f8d360 Author: Thomas Deutschmann <whissi@gentoo.org> AuthorDate: 2017-12-10 19:05:40 +0000 Commit: Thomas Deutschmann <whissi@gentoo.org> CommitDate: 2017-12-10 19:06:59 +0000 net-misc/rsync: Rev bump to add patch for CVE-2017-{17433,17434} Bug: https://bugs.gentoo.org/640570 Package-Manager: Portage-2.3.16, Repoman-2.3.6 .../files/rsync-3.1.2-CVE-2017-17433-fixup.patch | 33 ++++++++ .../rsync/files/rsync-3.1.2-CVE-2017-17433.patch | 39 +++++++++ .../files/rsync-3.1.2-CVE-2017-17434-part1.patch | 22 +++++ .../files/rsync-3.1.2-CVE-2017-17434-part2.patch | 33 ++++++++ net-misc/rsync/rsync-3.1.2-r2.ebuild | 95 ++++++++++++++++++++++ 5 files changed, 222 insertions(+)} @ Arches, please test and mark stable: =net-misc/rsync-3.1.2-r2 amd64 stable x86 stable sparc stable (thanks to Rolf Eike Beer) ia64 stable ppc/ppc64 stable arm stable hppa stable (thanks to Rolf Eike Beer) commit a2d952b62defc160371ebf25bca7b4c1aad108aa Author: Mike Frysinger <vapier@gentoo.org> Date: Sat Jan 13 01:47:17 2018 -0500 dev-util/ninja: mark 1.8.2 arm64/m68k/s390/sh stable Stable on alpha. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f4645d03255e620758f0bcad551c282061a7de26 commit f4645d03255e620758f0bcad551c282061a7de26 Author: Thomas Deutschmann <whissi@gentoo.org> AuthorDate: 2018-01-16 12:17:56 +0000 Commit: Thomas Deutschmann <whissi@gentoo.org> CommitDate: 2018-01-16 12:17:56 +0000 net-misc/rsync: Security cleanup Bug: https://bugs.gentoo.org/640570 Package-Manager: Portage-2.3.19, Repoman-2.3.6 net-misc/rsync/rsync-3.1.2-r1.ebuild | 89 ------------------------------------ 1 file changed, 89 deletions(-)} New GLSA request filed. This issue was resolved and addressed in GLSA 201801-16 at https://security.gentoo.org/glsa/201801-16 by GLSA coordinator Mikle Kolyada (Zlogene). |