Summary: | net-mail/getmail-4.2 and -3.2.5 announced -- older versions are local exploitable if run as root | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Torsten Veller (RETIRED) <tove> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | net-mail+disabled |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.qcc.ca/~charlesc/software/getmail-4/CHANGELOG | ||
Whiteboard: | C1 [glsa] lewk | ||
Package list: | Runtime testing required: | --- |
Description
Torsten Veller (RETIRED)
2004-09-19 07:20:45 UTC
net-mail please confirm and provide updated ebuild if necessary. The ebuild for 4.2.0 now in CVS portage. archs, please mark stable. My summary wasn't as precise as i could be: "Fixed in versions 4.2.0 and 3.2.5." If getmail-3 should remain in the tree then bump to 3.2.5. We intended to remove getmail-3 from portage as soon as 4.0.2-r2 gets stable. As 4.2.0 will hopefully get marked stable soon, I'll remove -3 after that. marked 4.20 ppc If i need to mark every version stable from 3.2.5 till there please let me know (rather not but hey :-) ) greetings Sparc stable. Stable on x86 Stable on alpha. stable on amd64 As 4.2.0 is stable on all arches set for it, I'm finally removing all getmail-3 ebuilds. GLSA 200409-32 |