Summary: | <app-emulation/spice-vdagent-0.17.0_p20180319: Arbitrary command injection | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | GLSAMaker/CVETool Bot <glsamaker> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | dev-zero, virtualization |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B1 [glsa+ cve] | ||
Package list: |
app-emulation/spice-vdagent-0.17.0_p20180319-r1
|
Runtime testing required: | --- |
Bug Depends on: | 651102 | ||
Bug Blocks: |
Description
GLSAMaker/CVETool Bot
2018-03-09 15:40:51 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2209aa7d8367d86752cd4c059b25951f4a20c597 commit 2209aa7d8367d86752cd4c059b25951f4a20c597 Author: Matthias Maier <tamiko@gentoo.org> AuthorDate: 2018-03-19 16:06:08 +0000 Commit: Matthias Maier <tamiko@gentoo.org> CommitDate: 2018-03-19 16:09:45 +0000 app-emulation/spice-vdagent: version bump to 0.17.0_p20180319 Bug: https://bugs.gentoo.org/650020 Package-Manager: Portage-2.3.24, Repoman-2.3.6 app-emulation/spice-vdagent/Manifest | 1 + .../spice-vdagent-0.17.0_p20180319.ebuild | 70 ++++++++++++++++++++++ 2 files changed, 71 insertions(+)} Let's stabilize app-emulation/spice-vdagent-0.17.0_p20180319 that contains the upstream patches for CVE-2017-15108. amd64 stable An automated check of this bug failed - the following atom is unknown: app-emulation/spice-vdagent-0.17.0_p20180319 Please verify the atom list. An automated check of this bug succeeded - the previous repoman errors are now resolved. x86 stable New GLSA Request filed, @Maintainers please remove vulnerable versions. This issue was resolved and addressed in GLSA 201804-09 at https://security.gentoo.org/glsa/201804-09 by GLSA coordinator Aaron Bauman (b-man). re-opened for cleanup please clean The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a7d5d482ce1df9920ce0e34e5735ba2ea88107d0 commit a7d5d482ce1df9920ce0e34e5735ba2ea88107d0 Author: Aaron Bauman <bman@gentoo.org> AuthorDate: 2018-05-22 23:05:48 +0000 Commit: Aaron Bauman <bman@gentoo.org> CommitDate: 2018-05-22 23:06:08 +0000 app-emulation/spice-vdagent: drop vulnerable Bug: https://bugs.gentoo.org/650020 Package-Manager: Portage-2.3.38, Repoman-2.3.9 .../spice-vdagent/spice-vdagent-0.17.0.ebuild | 63 ---------------------- 1 file changed, 63 deletions(-) |