Summary: | <net-analyzer/wireshark-2.6.1: Multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Jeroen Roovers (RETIRED) <jer> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | netmon, ruby |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://www.wireshark.org/lists/wireshark-announce/201805/msg00000.html | ||
Whiteboard: | B3 [noglsa cve] | ||
Package list: |
net-analyzer/wireshark-2.6.1
media-libs/bcg729-1.0.4
dev-libs/libmaxminddb-1.2.1
dev-ruby/asciimath-1.0.4 amd64 x86
dev-ruby/haml-4.0.7-r1 amd64 x86
dev-ruby/temple-0.8.0 amd64 x86
dev-ruby/redcarpet-3.4.0 amd64 x86
dev-ruby/slim-3.0.9 amd64 x86
dev-ruby/asciidoctor-1.5.5-r1 amd64 x86
|
Runtime testing required: | --- |
Bug Depends on: | 661578 | ||
Bug Blocks: |
Description
Jeroen Roovers (RETIRED)
![]() CVE-2018-11362 (https://nvd.nist.gov/vuln/detail/CVE-2018-11362): In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by avoiding a buffer over-read upon encountering a missing '\0' character. CVE-2018-11361 (https://nvd.nist.gov/vuln/detail/CVE-2018-11361): In Wireshark 2.6.0, the IEEE 802.11 protocol dissector could crash. This was addressed in epan/crypt/dot11decrypt.c by avoiding a buffer overflow during FTE processing in Dot11DecryptTDLSDeriveKey. CVE-2018-11360 (https://nvd.nist.gov/vuln/detail/CVE-2018-11360): In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the GSM A DTAP dissector could crash. This was addressed in epan/dissectors/packet-gsm_a_dtap.c by fixing an off-by-one error that caused a buffer overflow. CVE-2018-11359 (https://nvd.nist.gov/vuln/detail/CVE-2018-11359): In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the RRC dissector and other dissectors could crash. This was addressed in epan/proto.c by avoiding a NULL pointer dereference. CVE-2018-11358 (https://nvd.nist.gov/vuln/detail/CVE-2018-11358): In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the Q.931 dissector could crash. This was addressed in epan/dissectors/packet-q931.c by avoiding a use-after-free after a malformed packet prevented certain cleanup. CVE-2018-11357 (https://nvd.nist.gov/vuln/detail/CVE-2018-11357): In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP dissector and other dissectors could consume excessive memory. This was addressed in epan/tvbuff.c by rejecting negative lengths. CVE-2018-11356 (https://nvd.nist.gov/vuln/detail/CVE-2018-11356): In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the DNS dissector could crash. This was addressed in epan/dissectors/packet-dns.c by avoiding a NULL pointer dereference for an empty name in an SRV record. CVE-2018-11355 (https://nvd.nist.gov/vuln/detail/CVE-2018-11355): In Wireshark 2.6.0, the RTCP dissector could crash. This was addressed in epan/dissectors/packet-rtcp.c by avoiding a buffer overflow for packet status chunks. CVE-2018-11354 (https://nvd.nist.gov/vuln/detail/CVE-2018-11354): In Wireshark 2.6.0, the IEEE 1905.1a dissector could crash. This was addressed in epan/dissectors/packet-ieee1905.c by making a certain correction to string handling. @Arches, please test and mark stable. Thank you, An automated check of this bug failed - repoman reported dependency errors (198 lines truncated):
> dependency.bad net-analyzer/wireshark/wireshark-2.6.1.ebuild: DEPEND: alpha(default/linux/alpha/13.0) ['media-libs/bcg729', 'dev-libs/libmaxminddb', 'dev-ruby/asciidoctor']
> dependency.bad net-analyzer/wireshark/wireshark-2.6.1.ebuild: RDEPEND: alpha(default/linux/alpha/13.0) ['media-libs/bcg729', 'dev-libs/libmaxminddb']
> dependency.bad net-analyzer/wireshark/wireshark-2.6.1.ebuild: DEPEND: alpha(default/linux/alpha/13.0) ['media-libs/bcg729', 'dev-libs/libmaxminddb', 'dev-ruby/asciidoctor']
net-analyzer/wireshark/wireshark-2.6.1.ebuild: DEPEND: amd64(default/linux/amd64/17.0/desktop) ['media-libs/bcg729', 'dev-ruby/asciidoctor'] And so on @ Maintainer(s): I suggest to add "bcg729" to p.use.mask or p.use.stable.mask and just unmask for amd64 and x86. Of course, media-libs/bcg729 + deps must be added to package list for amd64/x86... The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=aa5c8511a88fdd0d06b4046ed41e33f606f6a78a commit aa5c8511a88fdd0d06b4046ed41e33f606f6a78a Author: Sergei Trofimovich <slyfox@gentoo.org> AuthorDate: 2018-05-31 09:55:40 +0000 Commit: Sergei Trofimovich <slyfox@gentoo.org> CommitDate: 2018-05-31 09:55:40 +0000 net-analyzer/wireshark: stable 2.6.1 for ia64, bug #656806 Bug: https://bugs.gentoo.org/656806 Package-Manager: Portage-2.3.38, Repoman-2.3.9 RepoMan-Options: --include-arches="ia64" net-analyzer/wireshark/wireshark-2.6.1.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7265725e416f80d9bf9c2efe9ddb612ce687148b commit 7265725e416f80d9bf9c2efe9ddb612ce687148b Author: Sergei Trofimovich <slyfox@gentoo.org> AuthorDate: 2018-05-31 09:55:34 +0000 Commit: Sergei Trofimovich <slyfox@gentoo.org> CommitDate: 2018-05-31 09:55:34 +0000 dev-libs/libmaxminddb: stable 1.2.1 for ia64, bug #656806 Bug: https://bugs.gentoo.org/656806 Package-Manager: Portage-2.3.38, Repoman-2.3.9 RepoMan-Options: --include-arches="ia64" dev-libs/libmaxminddb/libmaxminddb-1.2.1.ebuild | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4ec591bd91b79cc2a210abd408ce4ad98790fcfa commit 4ec591bd91b79cc2a210abd408ce4ad98790fcfa Author: Sergei Trofimovich <slyfox@gentoo.org> AuthorDate: 2018-05-31 09:54:24 +0000 Commit: Sergei Trofimovich <slyfox@gentoo.org> CommitDate: 2018-05-31 09:54:24 +0000 media-libs/bcg729: stable 1.0.4 for ia64, bug #656806 Bug: https://bugs.gentoo.org/656806 Package-Manager: Portage-2.3.38, Repoman-2.3.9 RepoMan-Options: --include-arches="ia64" media-libs/bcg729/bcg729-1.0.4.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) An automated check of this bug failed - repoman reported dependency errors (166 lines truncated):
> dependency.bad net-analyzer/wireshark/wireshark-2.6.1.ebuild: DEPEND: alpha(default/linux/alpha/13.0) ['media-libs/bcg729', 'dev-libs/libmaxminddb', 'dev-ruby/asciidoctor']
> dependency.bad net-analyzer/wireshark/wireshark-2.6.1.ebuild: RDEPEND: alpha(default/linux/alpha/13.0) ['media-libs/bcg729', 'dev-libs/libmaxminddb']
> dependency.bad net-analyzer/wireshark/wireshark-2.6.1.ebuild: DEPEND: alpha(default/linux/alpha/13.0) ['media-libs/bcg729', 'dev-libs/libmaxminddb', 'dev-ruby/asciidoctor']
An automated check of this bug failed - repoman reported dependency errors (30 lines truncated):
> dependency.bad net-analyzer/wireshark/wireshark-2.6.1.ebuild: DEPEND: alpha(default/linux/alpha/13.0) ['dev-ruby/asciidoctor']
> dependency.bad net-analyzer/wireshark/wireshark-2.6.1.ebuild: DEPEND: alpha(default/linux/alpha/13.0) ['dev-ruby/asciidoctor']
> dependency.bad net-analyzer/wireshark/wireshark-2.6.1.ebuild: DEPEND: alpha(default/linux/alpha/13.0/desktop) ['dev-ruby/asciidoctor']
@ Alpha, if you don't want to keyword & stabilize =dev-ruby/asciidoctor-1.5.5-r1, please p.u.mask "doc". An automated check of this bug failed - repoman reported dependency errors (27 lines truncated):
> dependency.bad dev-ruby/asciidoctor/asciidoctor-1.5.5-r1.ebuild: DEPEND: alpha(default/linux/alpha/13.0) ['dev-ruby/asciimath[ruby_targets_ruby23]', 'dev-ruby/erubis[ruby_targets_ruby23]', 'dev-ruby/haml[ruby_targets_ruby23]', 'dev-ruby/slim[ruby_targets_ruby23]', 'dev-ruby/tilt[ruby_targets_ruby23]']
> dependency.bad dev-ruby/asciidoctor/asciidoctor-1.5.5-r1.ebuild: DEPEND: alpha(default/linux/alpha/13.0) ['dev-ruby/asciimath[ruby_targets_ruby23]', 'dev-ruby/erubis[ruby_targets_ruby23]', 'dev-ruby/haml[ruby_targets_ruby23]', 'dev-ruby/slim[ruby_targets_ruby23]', 'dev-ruby/tilt[ruby_targets_ruby23]']
> dependency.bad dev-ruby/asciidoctor/asciidoctor-1.5.5-r1.ebuild: DEPEND: alpha(default/linux/alpha/13.0/desktop) ['dev-ruby/asciimath[ruby_targets_ruby23]', 'dev-ruby/erubis[ruby_targets_ruby23]', 'dev-ruby/haml[ruby_targets_ruby23]', 'dev-ruby/slim[ruby_targets_ruby23]', 'dev-ruby/tilt[ruby_targets_ruby23]']
Added p.u.mask for alpha via https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ef96e45192e28b98f32ad59233349986da2aafce An automated check of this bug failed - repoman reported dependency errors (27 lines truncated):
> dependency.bad dev-ruby/asciidoctor/asciidoctor-1.5.5-r1.ebuild: DEPEND: alpha(default/linux/alpha/13.0) ['dev-ruby/asciimath[ruby_targets_ruby23]', 'dev-ruby/erubis[ruby_targets_ruby23]', 'dev-ruby/haml[ruby_targets_ruby23]', 'dev-ruby/slim[ruby_targets_ruby23]', 'dev-ruby/tilt[ruby_targets_ruby23]']
> dependency.bad dev-ruby/asciidoctor/asciidoctor-1.5.5-r1.ebuild: DEPEND: alpha(default/linux/alpha/13.0) ['dev-ruby/asciimath[ruby_targets_ruby23]', 'dev-ruby/erubis[ruby_targets_ruby23]', 'dev-ruby/haml[ruby_targets_ruby23]', 'dev-ruby/slim[ruby_targets_ruby23]', 'dev-ruby/tilt[ruby_targets_ruby23]']
> dependency.bad dev-ruby/asciidoctor/asciidoctor-1.5.5-r1.ebuild: DEPEND: alpha(default/linux/alpha/13.0/desktop) ['dev-ruby/asciimath[ruby_targets_ruby23]', 'dev-ruby/erubis[ruby_targets_ruby23]', 'dev-ruby/haml[ruby_targets_ruby23]', 'dev-ruby/slim[ruby_targets_ruby23]', 'dev-ruby/tilt[ruby_targets_ruby23]']
An automated check of this bug failed - repoman reported dependency errors (17 lines truncated):
> dependency.bad dev-ruby/asciidoctor/asciidoctor-1.5.5-r1.ebuild: DEPEND: amd64(default/linux/amd64/17.0) ['dev-ruby/asciimath[ruby_targets_ruby23]', 'dev-ruby/haml[ruby_targets_ruby23]', 'dev-ruby/slim[ruby_targets_ruby23]']
> dependency.bad dev-ruby/asciidoctor/asciidoctor-1.5.5-r1.ebuild: DEPEND: amd64(default/linux/amd64/17.0/desktop) ['dev-ruby/asciimath[ruby_targets_ruby23]', 'dev-ruby/haml[ruby_targets_ruby23]', 'dev-ruby/slim[ruby_targets_ruby23]']
> dependency.bad dev-ruby/asciidoctor/asciidoctor-1.5.5-r1.ebuild: DEPEND: amd64(default/linux/amd64/17.0/desktop/gnome) ['dev-ruby/asciimath[ruby_targets_ruby23]', 'dev-ruby/haml[ruby_targets_ruby23]', 'dev-ruby/slim[ruby_targets_ruby23]']
An automated check of this bug failed - repoman reported dependency errors (74 lines truncated):
> dependency.bad dev-ruby/slim/slim-3.0.9.ebuild: DEPEND: amd64(default/linux/amd64/17.0) ['>=dev-ruby/temple-0.7.6:0.7[ruby_targets_ruby23]', 'dev-ruby/redcarpet[ruby_targets_ruby23]']
> dependency.bad dev-ruby/slim/slim-3.0.9.ebuild: RDEPEND: amd64(default/linux/amd64/17.0) ['>=dev-ruby/temple-0.7.6:0.7[ruby_targets_ruby23]']
> dependency.bad dev-ruby/slim/slim-3.0.9.ebuild: DEPEND: amd64(default/linux/amd64/17.0/desktop) ['>=dev-ruby/temple-0.7.6:0.7[ruby_targets_ruby23]', 'dev-ruby/redcarpet[ruby_targets_ruby23]']
> dependency.bad dev-ruby/haml/haml-5.0.4.ebuild: DEPEND: amd64(default/linux/amd64/17.0) ['>=dev-ruby/temple-0.8.0[ruby_targets_ruby23]', 'dev-ruby/railties:5.2[ruby_targets_ruby23]', 'dev-ruby/activemodel:5.2[ruby_targets_ruby23]', 'dev-ruby/actionpack:5.2[ruby_targets_ruby23]']
> dependency.bad dev-ruby/haml/haml-5.0.4.ebuild: RDEPEND: amd64(default/linux/amd64/17.0) ['>=dev-ruby/temple-0.8.0[ruby_targets_ruby23]']
> dependency.bad dev-ruby/haml/haml-5.0.4.ebuild: DEPEND: amd64(default/linux/amd64/17.0/desktop) ['>=dev-ruby/temple-0.8.0[ruby_targets_ruby23]', 'dev-ruby/railties:5.2[ruby_targets_ruby23]', 'dev-ruby/activemodel:5.2[ruby_targets_ruby23]', 'dev-ruby/actionpack:5.2[ruby_targets_ruby23]']
An automated check of this bug failed - the following invalid arch is referenced in the atom list: md64 An automated check of this bug failed - repoman reported dependency errors (431 lines truncated):
> dependency.bad dev-ruby/railties/railties-5.2.0.ebuild: DEPEND: amd64(default/linux/amd64/17.0) ['~dev-ruby/actionview-5.2.0[ruby_targets_ruby23]']
> dependency.bad dev-ruby/railties/railties-5.2.0.ebuild: DEPEND: amd64(default/linux/amd64/17.0/desktop) ['~dev-ruby/actionview-5.2.0[ruby_targets_ruby23]']
> dependency.bad dev-ruby/railties/railties-5.2.0.ebuild: DEPEND: amd64(default/linux/amd64/17.0/desktop/gnome) ['~dev-ruby/actionview-5.2.0[ruby_targets_ruby23]']
> dependency.bad dev-ruby/actionpack/actionpack-5.2.0.ebuild: DEPEND: amd64(default/linux/amd64/17.0) ['~dev-ruby/actionview-5.2.0[ruby_targets_ruby23]']
> dependency.bad dev-ruby/actionpack/actionpack-5.2.0.ebuild: RDEPEND: amd64(default/linux/amd64/17.0) ['~dev-ruby/actionview-5.2.0[ruby_targets_ruby23]']
> dependency.bad dev-ruby/actionpack/actionpack-5.2.0.ebuild: DEPEND: amd64(default/linux/amd64/17.0/desktop) ['~dev-ruby/actionview-5.2.0[ruby_targets_ruby23]']
> dependency.bad dev-ruby/activesupport/activesupport-5.2.0.ebuild: DEPEND: arm(default/linux/arm/13.0) ['>=dev-ruby/concurrent-ruby-1.0.2:1[ruby_targets_ruby23]', 'dev-ruby/i18n:1[ruby_targets_ruby23]', '>=dev-ruby/tzinfo-1.1:1[ruby_targets_ruby23]', '>=dev-ruby/dalli-2.2.1[ruby_targets_ruby23]', '>=dev-ruby/listen-3.0.5:3[ruby_targets_ruby23]']
> dependency.bad dev-ruby/activesupport/activesupport-5.2.0.ebuild: RDEPEND: arm(default/linux/arm/13.0) ['>=dev-ruby/concurrent-ruby-1.0.2:1[ruby_targets_ruby23]', 'dev-ruby/i18n:1[ruby_targets_ruby23]', '>=dev-ruby/tzinfo-1.1:1[ruby_targets_ruby23]']
> dependency.bad dev-ruby/activesupport/activesupport-5.2.0.ebuild: DEPEND: ppc(default/linux/powerpc/ppc32/13.0) ['>=dev-ruby/concurrent-ruby-1.0.2:1[ruby_targets_ruby23]', 'dev-ruby/i18n:1[ruby_targets_ruby23]', '>=dev-ruby/dalli-2.2.1[ruby_targets_ruby23]', '>=dev-ruby/listen-3.0.5:3[ruby_targets_ruby23]']
An automated check of this bug failed - repoman reported dependency errors (589 lines truncated):
> dependency.bad dev-ruby/tzinfo/tzinfo-1.2.5.ebuild: DEPEND: arm(default/linux/arm/13.0) ['>=dev-ruby/thread_safe-0.1:0[ruby_targets_ruby23]']
> dependency.bad dev-ruby/tzinfo/tzinfo-1.2.5.ebuild: RDEPEND: arm(default/linux/arm/13.0) ['>=dev-ruby/thread_safe-0.1:0[ruby_targets_ruby23]']
> dependency.bad dev-ruby/tzinfo/tzinfo-1.2.5.ebuild: DEPEND: ppc64(default/linux/powerpc/ppc64/17.0/64bit-userland) ['>=dev-ruby/thread_safe-0.1:0[ruby_targets_ruby23]']
> dependency.bad dev-ruby/concurrent-ruby/concurrent-ruby-1.0.5.ebuild: DEPEND: arm(default/linux/arm/13.0) ['>=dev-ruby/timecop-0.7.4[ruby_targets_ruby23]']
> dependency.badindev dev-ruby/concurrent-ruby/concurrent-ruby-1.0.5.ebuild: DEPEND: arm(default/linux/arm/13.0/armv4) ['>=dev-ruby/timecop-0.7.4[ruby_targets_ruby23]']
> dependency.badindev dev-ruby/concurrent-ruby/concurrent-ruby-1.0.5.ebuild: DEPEND: arm(default/linux/arm/13.0/armv4/desktop) ['>=dev-ruby/timecop-0.7.4[ruby_targets_ruby23]']
> dependency.bad dev-ruby/actionpack/actionpack-5.2.0.ebuild: DEPEND: arm(default/linux/arm/13.0) ['~dev-ruby/actionview-5.2.0[ruby_targets_ruby23]', 'dev-ruby/rack:2.0[ruby_targets_ruby23]', '>=dev-ruby/rack-test-0.6.3:*[ruby_targets_ruby23]', '>=dev-ruby/rails-html-sanitizer-1.0.2:1[ruby_targets_ruby23]', 'dev-ruby/rails-dom-testing:2[ruby_targets_ruby23]', '>=dev-ruby/capybara-2.13:2[ruby_targets_ruby23]', '>=dev-ruby/rack-cache-1.2:1.2[ruby_targets_ruby23]', 'www-servers/puma[ruby_targets_ruby23]']
> dependency.bad dev-ruby/actionpack/actionpack-5.2.0.ebuild: RDEPEND: arm(default/linux/arm/13.0) ['~dev-ruby/actionview-5.2.0[ruby_targets_ruby23]', 'dev-ruby/rack:2.0[ruby_targets_ruby23]', '>=dev-ruby/rack-test-0.6.3:*[ruby_targets_ruby23]', '>=dev-ruby/rails-html-sanitizer-1.0.2:1[ruby_targets_ruby23]', 'dev-ruby/rails-dom-testing:2[ruby_targets_ruby23]']
> dependency.bad dev-ruby/actionpack/actionpack-5.2.0.ebuild: RDEPEND: ppc(default/linux/powerpc/ppc32/13.0) ['~dev-ruby/actionview-5.2.0[ruby_targets_ruby23]', 'dev-ruby/rack:2.0[ruby_targets_ruby23]', '>=dev-ruby/rack-test-0.6.3:*[ruby_targets_ruby23]', '>=dev-ruby/rails-html-sanitizer-1.0.2:1[ruby_targets_ruby23]', 'dev-ruby/rails-dom-testing:2[ruby_targets_ruby23]']
> dependency.bad dev-ruby/i18n/i18n-1.0.1.ebuild: DEPEND: arm(default/linux/arm/13.0) ['dev-ruby/test_declarative[ruby_targets_ruby23]']
> dependency.bad dev-ruby/i18n/i18n-1.0.1.ebuild: DEPEND: ppc(default/linux/powerpc/ppc32/13.0) ['dev-ruby/test_declarative[ruby_targets_ruby23]']
> dependency.bad dev-ruby/i18n/i18n-1.0.1.ebuild: DEPEND: ppc(default/linux/powerpc/ppc32/13.0/desktop) ['dev-ruby/test_declarative[ruby_targets_ruby23]']
> dependency.bad dev-ruby/listen/listen-3.1.5-r2.ebuild: DEPEND: arm(default/linux/arm/13.0) ['>=dev-ruby/ruby_dep-1.2:1[ruby_targets_ruby23]', 'dev-ruby/thor[ruby_targets_ruby23]']
> dependency.bad dev-ruby/listen/listen-3.1.5-r2.ebuild: RDEPEND: arm(default/linux/arm/13.0) ['>=dev-ruby/ruby_dep-1.2:1[ruby_targets_ruby23]']
> dependency.bad dev-ruby/listen/listen-3.1.5-r2.ebuild: DEPEND: ppc(default/linux/powerpc/ppc32/13.0) ['>=dev-ruby/ruby_dep-1.2:1[ruby_targets_ruby23]', 'dev-ruby/thor[ruby_targets_ruby23]']
> dependency.bad dev-ruby/railties/railties-5.2.0.ebuild: DEPEND: arm(default/linux/arm/13.0) ['>=dev-ruby/thor-0.18.1[ruby_targets_ruby23]', 'dev-ruby/method_source[ruby_targets_ruby23]', '~dev-ruby/actionview-5.2.0[ruby_targets_ruby23]']
> dependency.bad dev-ruby/railties/railties-5.2.0.ebuild: RDEPEND: arm(default/linux/arm/13.0) ['>=app-eselect/eselect-rails-0.23', '>=dev-ruby/thor-0.18.1[ruby_targets_ruby23]', 'dev-ruby/method_source[ruby_targets_ruby23]']
> dependency.bad dev-ruby/railties/railties-5.2.0.ebuild: DEPEND: ppc(default/linux/powerpc/ppc32/13.0) ['>=dev-ruby/thor-0.18.1[ruby_targets_ruby23]', 'dev-ruby/method_source[ruby_targets_ruby23]', '~dev-ruby/actionview-5.2.0[ruby_targets_ruby23]']
> dependency.bad dev-ruby/dalli/dalli-2.7.8-r1.ebuild: DEPEND: arm(default/linux/arm/13.0) ['<dev-ruby/activesupport-5.2[ruby_targets_ruby23]', 'dev-ruby/connection_pool[ruby_targets_ruby23]']
> dependency.bad dev-ruby/dalli/dalli-2.7.8-r1.ebuild: DEPEND: ppc(default/linux/powerpc/ppc32/13.0) ['<dev-ruby/activesupport-5.2[ruby_targets_ruby23]', 'dev-ruby/connection_pool[ruby_targets_ruby23]']
net-analyzer/wireshark[doc] p.use.stable.masked everywhere and unmask just for amd64 and x86 via https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e73a6246a5aeb086ec4a14a2c59002c6b1f43319 An automated check of this bug failed - repoman reported dependency errors (93 lines truncated):
> dependency.bad dev-ruby/i18n/i18n-1.0.1.ebuild: DEPEND: x86(default/linux/x86/17.0) ['dev-ruby/test_declarative[ruby_targets_ruby23]']
> dependency.bad dev-ruby/i18n/i18n-1.0.1.ebuild: DEPEND: x86(default/linux/x86/17.0/desktop) ['dev-ruby/test_declarative[ruby_targets_ruby23]']
> dependency.bad dev-ruby/i18n/i18n-1.0.1.ebuild: DEPEND: x86(default/linux/x86/17.0/desktop/gnome) ['dev-ruby/test_declarative[ruby_targets_ruby23]']
> dependency.bad dev-ruby/actionpack/actionpack-5.2.0.ebuild: DEPEND: x86(default/linux/x86/17.0) ['~dev-ruby/actionview-5.2.0[ruby_targets_ruby23]', 'dev-ruby/rack:2.0[ruby_targets_ruby23]', '>=dev-ruby/rack-test-0.6.3:*[ruby_targets_ruby23]', '>=dev-ruby/rails-html-sanitizer-1.0.2:1[ruby_targets_ruby23]', 'dev-ruby/rails-dom-testing:2[ruby_targets_ruby23]', '>=dev-ruby/capybara-2.13:2[ruby_targets_ruby23]', '>=dev-ruby/rack-cache-1.2:1.2[ruby_targets_ruby23]', 'www-servers/puma[ruby_targets_ruby23]']
> dependency.bad dev-ruby/actionpack/actionpack-5.2.0.ebuild: RDEPEND: x86(default/linux/x86/17.0) ['~dev-ruby/actionview-5.2.0[ruby_targets_ruby23]', 'dev-ruby/rack:2.0[ruby_targets_ruby23]', '>=dev-ruby/rack-test-0.6.3:*[ruby_targets_ruby23]', '>=dev-ruby/rails-html-sanitizer-1.0.2:1[ruby_targets_ruby23]', 'dev-ruby/rails-dom-testing:2[ruby_targets_ruby23]']
> dependency.bad dev-ruby/actionpack/actionpack-5.2.0.ebuild: DEPEND: x86(default/linux/x86/17.0/desktop) ['~dev-ruby/actionview-5.2.0[ruby_targets_ruby23]', 'dev-ruby/rack:2.0[ruby_targets_ruby23]', '>=dev-ruby/rack-test-0.6.3:*[ruby_targets_ruby23]', '>=dev-ruby/rails-html-sanitizer-1.0.2:1[ruby_targets_ruby23]', 'dev-ruby/rails-dom-testing:2[ruby_targets_ruby23]', '>=dev-ruby/capybara-2.13:2[ruby_targets_ruby23]', '>=dev-ruby/rack-cache-1.2:1.2[ruby_targets_ruby23]', 'www-servers/puma[ruby_targets_ruby23]']
> dependency.bad dev-ruby/railties/railties-5.2.0.ebuild: DEPEND: x86(default/linux/x86/17.0) ['>=dev-ruby/thor-0.18.1[ruby_targets_ruby23]', 'dev-ruby/method_source[ruby_targets_ruby23]', '~dev-ruby/actionview-5.2.0[ruby_targets_ruby23]']
> dependency.bad dev-ruby/railties/railties-5.2.0.ebuild: RDEPEND: x86(default/linux/x86/17.0) ['>=app-eselect/eselect-rails-0.23', '>=dev-ruby/thor-0.18.1[ruby_targets_ruby23]', 'dev-ruby/method_source[ruby_targets_ruby23]']
> dependency.bad dev-ruby/railties/railties-5.2.0.ebuild: DEPEND: x86(default/linux/x86/17.0/desktop) ['>=dev-ruby/thor-0.18.1[ruby_targets_ruby23]', 'dev-ruby/method_source[ruby_targets_ruby23]', '~dev-ruby/actionview-5.2.0[ruby_targets_ruby23]']
> dependency.bad net-analyzer/wireshark/wireshark-2.6.1.ebuild: DEPEND: alpha(default/linux/alpha/13.0) ['dev-ruby/asciidoctor']
> dependency.bad net-analyzer/wireshark/wireshark-2.6.1.ebuild: DEPEND: alpha(default/linux/alpha/13.0/desktop) ['dev-ruby/asciidoctor']
> dependency.bad net-analyzer/wireshark/wireshark-2.6.1.ebuild: DEPEND: alpha(default/linux/alpha/13.0/desktop/gnome) ['dev-ruby/asciidoctor']
> dependency.bad dev-ruby/listen/listen-3.1.5-r2.ebuild: DEPEND: x86(default/linux/x86/17.0) ['>=dev-ruby/ruby_dep-1.2:1[ruby_targets_ruby23]', 'dev-ruby/thor[ruby_targets_ruby23]']
> dependency.bad dev-ruby/listen/listen-3.1.5-r2.ebuild: RDEPEND: x86(default/linux/x86/17.0) ['>=dev-ruby/ruby_dep-1.2:1[ruby_targets_ruby23]']
> dependency.bad dev-ruby/listen/listen-3.1.5-r2.ebuild: DEPEND: x86(default/linux/x86/17.0/desktop) ['>=dev-ruby/ruby_dep-1.2:1[ruby_targets_ruby23]', 'dev-ruby/thor[ruby_targets_ruby23]']
> dependency.bad dev-ruby/dalli/dalli-2.7.8-r1.ebuild: DEPEND: x86(default/linux/x86/17.0) ['<dev-ruby/activesupport-5.2[ruby_targets_ruby23]', 'dev-ruby/connection_pool[ruby_targets_ruby23]']
> dependency.bad dev-ruby/dalli/dalli-2.7.8-r1.ebuild: DEPEND: x86(default/linux/x86/17.0/desktop) ['<dev-ruby/activesupport-5.2[ruby_targets_ruby23]', 'dev-ruby/connection_pool[ruby_targets_ruby23]']
> dependency.bad dev-ruby/dalli/dalli-2.7.8-r1.ebuild: DEPEND: x86(default/linux/x86/17.0/desktop/gnome) ['<dev-ruby/activesupport-5.2[ruby_targets_ruby23]', 'dev-ruby/connection_pool[ruby_targets_ruby23]']
An automated check of this bug failed - the following atoms are unknown: dev-ruby/bcrypt-ruby-3.1.1 dev-ruby/railties-4.2.0 Please verify the atom list. An automated check of this bug failed - repoman reported dependency errors (4 lines truncated):
> dependency.bad net-analyzer/wireshark/wireshark-2.6.1.ebuild: DEPEND: alpha(default/linux/alpha/13.0) ['dev-ruby/asciidoctor']
> dependency.bad net-analyzer/wireshark/wireshark-2.6.1.ebuild: DEPEND: alpha(default/linux/alpha/13.0/desktop) ['dev-ruby/asciidoctor']
> dependency.bad net-analyzer/wireshark/wireshark-2.6.1.ebuild: DEPEND: alpha(default/linux/alpha/13.0/desktop/gnome) ['dev-ruby/asciidoctor']
Retry with https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6531b1f5fdf0a03d14cf8b14db65f9ce00ecc78f My suggestion from the ruby team would be to do what for amd64 what other arches have done in the past: add a package use mask to dev-ruby/haml tests and thus avoid the whole dev-ruby/rails dependency tree. This is a security bug so we'll want this done quickly. That is not going to happen when we include dev-ruby/rails because I'm sure there are test failures and other surprises in there. Instead we can whittle down the (ruby) list to just: dev-ruby/asciimath-1.0.4 amd64 x86 dev-ruby/haml-4.0.7-r1 amd64 x86 dev-ruby/temple-0.8.0 amd64 x86 dev-ruby/redcarpet-3.4.0 amd64 x86 dev-ruby/slim-3.0.9 amd64 x86 dev-ruby/asciidoctor-1.5.5-r1 amd64 x86 And add this to arch/amd64/package.use.mask: <dev-ruby/haml-5 test amd64 stable x86 stable arm stable Stable on alpha. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=aa03bb86b2466d2073e15d039b7987e4923eb42e commit aa03bb86b2466d2073e15d039b7987e4923eb42e Author: Sergei Trofimovich <slyfox@gentoo.org> AuthorDate: 2018-06-24 17:34:54 +0000 Commit: Sergei Trofimovich <slyfox@gentoo.org> CommitDate: 2018-06-24 19:35:21 +0000 dev-libs/libmaxminddb: stable 1.2.1 for ppc, bug #656806 Bug: https://bugs.gentoo.org/656806 Package-Manager: Portage-2.3.40, Repoman-2.3.9 RepoMan-Options: --include-arches="ppc" dev-libs/libmaxminddb/libmaxminddb-1.2.1.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b96da3217c713cb1beb16b9706617135ed671f0f commit b96da3217c713cb1beb16b9706617135ed671f0f Author: Sergei Trofimovich <slyfox@gentoo.org> AuthorDate: 2018-06-24 19:50:36 +0000 Commit: Sergei Trofimovich <slyfox@gentoo.org> CommitDate: 2018-06-24 20:20:29 +0000 media-libs/bcg729: stable 1.0.4 for ppc64, bug #656806 Bug: https://bugs.gentoo.org/656806 Package-Manager: Portage-2.3.40, Repoman-2.3.9 RepoMan-Options: --include-arches="ppc64" media-libs/bcg729/bcg729-1.0.4.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=eec65765de4835187bd4b2bad59864bc715e3022 commit eec65765de4835187bd4b2bad59864bc715e3022 Author: Sergei Trofimovich <slyfox@gentoo.org> AuthorDate: 2018-07-01 09:10:46 +0000 Commit: Sergei Trofimovich <slyfox@gentoo.org> CommitDate: 2018-07-01 09:10:46 +0000 dev-libs/libmaxminddb: stable 1.2.1 for ppc64, bug #656806 Bug: https://bugs.gentoo.org/656806 Package-Manager: Portage-2.3.41, Repoman-2.3.9 RepoMan-Options: --include-arches="ppc64" dev-libs/libmaxminddb/libmaxminddb-1.2.1.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Superseded by bug 661578. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=bfef00f595518e7487655909daf0f492c760a85b commit bfef00f595518e7487655909daf0f492c760a85b Author: Sergei Trofimovich <slyfox@gentoo.org> AuthorDate: 2018-07-23 18:53:01 +0000 Commit: Sergei Trofimovich <slyfox@gentoo.org> CommitDate: 2018-07-23 18:53:01 +0000 media-libs/bcg729: stable 1.0.4 for hppa, bug #656806 Bug: https://bugs.gentoo.org/656806 Package-Manager: Portage-2.3.43, Repoman-2.3.10 RepoMan-Options: --include-arches="hppa" media-libs/bcg729/bcg729-1.0.4.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) GLSA Vote: No Thank you all for you work. Closing as [noglsa]. |