Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 644496

Summary: <app-backup/tsm-7.1.8: multiple vulnerabilities (CVE-2017-{10115,10116})
Product: Gentoo Linux Reporter: Michael Weber (RETIRED) <xmw>
Component: Current packagesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: 2kmm, dilfridge
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://www-01.ibm.com/support/docview.wss?uid=swg22009293
Whiteboard: ~2 [noglsa cve]
Package list:
Runtime testing required: ---
Attachments: ebuild for version 7.1.8.3

Description Michael Weber (RETIRED) gentoo-dev 2018-01-13 23:48:49 UTC 
There is an security issue documented at 
https://www-01.ibm.com/support/docview.wss?uid=swg22009293

I'm working on an updated ebuild and try to test the application.
Comment 1 Manuel Mommertz 2018-06-21 06:49:34 UTC 
Created attachment 536648 [details]
ebuild for version 7.1.8.3

As my institute wants to get rid of old versions I tried to update the ebuild. The result seems to work properly (ebuild installs, tsm-client runs without error).
Comment 2 Aaron Bauman (RETIRED) gentoo-dev 2019-03-24 03:33:24 UTC 
@maintainer, please drop the vulnerable.
Comment 3 Yury German Gentoo Infrastructure gentoo-dev 2019-03-27 22:57:16 UTC 
Maintainer(s), please drop the vulnerable version(s).
Comment 4 Aaron Bauman (RETIRED) gentoo-dev 2019-04-04 19:44:01 UTC 
tree is clean