Summary: | <dev-libs/botan-2.5.0 - improper handling of wildcard certificates | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Jack Lloyd <lloyd> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | crypto+disabled, lloyd, proxy-maint |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B3 [noglsa cve] | ||
Package list: |
dev-libs/botan-2.5.0
|
Runtime testing required: | No |
Description
Jack Lloyd
2018-04-02 21:50:11 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=581cab67637a9f8e159491f0d0bde735af207532 commit 581cab67637a9f8e159491f0d0bde735af207532 Author: Alon Bar-Lev <alonbl@gentoo.org> AuthorDate: 2018-04-03 06:27:40 +0000 Commit: Alon Bar-Lev <alonbl@gentoo.org> CommitDate: 2018-04-03 06:28:09 +0000 dev-libs/botan: version bump Bug: https://bugs.gentoo.org/show_bug.cgi?id=652254 Package-Manager: Portage-2.3.24, Repoman-2.3.6 dev-libs/botan/Manifest | 1 + dev-libs/botan/{botan-9999.ebuild => botan-2.5.0.ebuild} | 16 +++++++--------- 2 files changed, 8 insertions(+), 9 deletions(-)} @arches, please stabilize. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=333710817abdda2fbb2ad1859fb317f6f59ed76f commit 333710817abdda2fbb2ad1859fb317f6f59ed76f Author: Aaron Bauman <bman@gentoo.org> AuthorDate: 2018-04-04 16:02:09 +0000 Commit: Aaron Bauman <bman@gentoo.org> CommitDate: 2018-04-04 16:13:41 +0000 dev-libs/botan: amd64 stable Bug: https://bugs.gentoo.org/652254 Package-Manager: Portage-2.3.28, Repoman-2.3.9 dev-libs/botan/botan-2.5.0.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)} x86 stable @ Maintainer(s): Please cleanup and drop <dev-libs/botan-2.5.0! Botan 1.10 is not affected by this issue so there is no need to drop it if there are still any extant deps that require 1.10 API The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4b2fee6ac6d3e5d35cb0baa7d2c31c32029eaa4c commit 4b2fee6ac6d3e5d35cb0baa7d2c31c32029eaa4c Author: Alon Bar-Lev <alonbl@gentoo.org> AuthorDate: 2018-04-08 11:10:37 +0000 Commit: Alon Bar-Lev <alonbl@gentoo.org> CommitDate: 2018-04-08 19:21:08 +0000 dev-libs/botan: cleanup Bug: https://bugs.gentoo.org/show_bug.cgi?id=652254 Package-Manager: Portage-2.3.24, Repoman-2.3.6 dev-libs/botan/Manifest | 1 - dev-libs/botan/botan-2.3.0.ebuild | 113 --------------------------- dev-libs/botan/files/botan-2.3.0-build.patch | 48 ------------ 3 files changed, 162 deletions(-)} (In reply to Larry the Git Cow from comment #7) > The bug has been referenced in the following commit(s): > > https://gitweb.gentoo.org/repo/gentoo.git/commit/ > ?id=4b2fee6ac6d3e5d35cb0baa7d2c31c32029eaa4c > > commit 4b2fee6ac6d3e5d35cb0baa7d2c31c32029eaa4c > Author: Alon Bar-Lev <alonbl@gentoo.org> > AuthorDate: 2018-04-08 11:10:37 +0000 > Commit: Alon Bar-Lev <alonbl@gentoo.org> > CommitDate: 2018-04-08 19:21:08 +0000 > > dev-libs/botan: cleanup > > Bug: https://bugs.gentoo.org/show_bug.cgi?id=652254 > Package-Manager: Portage-2.3.24, Repoman-2.3.6 > > dev-libs/botan/Manifest | 1 - > dev-libs/botan/botan-2.3.0.ebuild | 113 > --------------------------- > dev-libs/botan/files/botan-2.3.0-build.patch | 48 ------------ > 3 files changed, 162 deletions(-)} Thanks, Alon! GLSA Vote: No |