Summary: | <app-arch/sharutils-4.15.2-r1: Buffer overflow | ||||||
---|---|---|---|---|---|---|---|
Product: | Gentoo Security | Reporter: | Ian Zimmerman <nobrowser> | ||||
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> | ||||
Status: | RESOLVED FIXED | ||||||
Severity: | normal | CC: | base-system, cray | ||||
Priority: | Normal | ||||||
Version: | unspecified | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
URL: | https://security-tracker.debian.org/tracker/CVE-2018-1000097 | ||||||
Whiteboard: | A4 [noglsa cve] | ||||||
Package list: | Runtime testing required: | --- | |||||
Bug Depends on: | 674126 | ||||||
Bug Blocks: | |||||||
Attachments: |
|
Description
Ian Zimmerman
2018-04-06 15:53:23 UTC
Created attachment 558684 [details, diff] Fix CVE-2018-1000097, heap buffer overflow in unshar From: Petr Pisar Subject: Fix CVE-2018-1000097, heap buffer overflow in unshar Bug-Debian: https://bugs.debian.org/893525 X-Debian-version: 1:4.15.2-3 This got lost in bugzilla due to no base-system cc, or classification. Re-surfacing! The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=648bdf9134d87d5d6ca086b742964b77c3da87d8 commit 648bdf9134d87d5d6ca086b742964b77c3da87d8 Author: Andreas K. Hüttel <dilfridge@gentoo.org> AuthorDate: 2019-03-13 12:02:46 +0000 Commit: Andreas K. Hüttel <dilfridge@gentoo.org> CommitDate: 2019-03-13 12:02:46 +0000 app-arch/sharutils: Add patch for CVE-2018-1000097 Bug: https://bugs.gentoo.org/652686 Package-Manager: Portage-2.3.62, Repoman-2.3.12 Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org> .../files/sharutils-4.15.2-CVE-2018-1000097.patch | 16 ++++++++++++++++ ...harutils-4.15.2.ebuild => sharutils-4.15.2-r1.ebuild} | 1 + 2 files changed, 17 insertions(+) Let's stabilize this together with glibc in bug 674126 Please drop vulnerable |