Summary: | <dev-libs/libgit2-{0.26.6,0.27.4}: oob read in smart-protocol 'ng' packets | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Michał Górny <mgorny> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | gnome, mgorny |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B3 [noglsa] | ||
Package list: |
dev-libs/libgit2-0.26.6
|
Runtime testing required: | No |
Description
Michał Górny
2018-08-07 05:50:55 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=72c1966bf06a5c6873074c7f5cebc27f6f8bb5c7 commit 72c1966bf06a5c6873074c7f5cebc27f6f8bb5c7 Author: Michał Górny <mgorny@gentoo.org> AuthorDate: 2018-08-07 06:06:11 +0000 Commit: Michał Górny <mgorny@gentoo.org> CommitDate: 2018-08-07 06:21:34 +0000 dev-libs/libgit2: Sec-bump to 0.27.4 Bug: https://bugs.gentoo.org/662994 dev-libs/libgit2/Manifest | 1 + dev-libs/libgit2/libgit2-0.27.4.ebuild | 80 ++++++++++++++++++++++++++++++++++ 2 files changed, 81 insertions(+) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cc124f9c519cb2cc6469c4f9bf774dd1f22d8fec commit cc124f9c519cb2cc6469c4f9bf774dd1f22d8fec Author: Michał Górny <mgorny@gentoo.org> AuthorDate: 2018-08-07 05:51:57 +0000 Commit: Michał Górny <mgorny@gentoo.org> CommitDate: 2018-08-07 06:21:34 +0000 dev-libs/libgit2: Sec-bump to 0.26.6 Bug: https://bugs.gentoo.org/662994 dev-libs/libgit2/Manifest | 1 + dev-libs/libgit2/libgit2-0.26.6.ebuild | 80 ++++++++++++++++++++++++++++++++++ 2 files changed, 81 insertions(+) Arch teams, please test and stabilize the fixed version. amd64 stable x86 stable GLSA Vote: No! @ Maintainer(s): Please cleanup and drop <dev-libs/libgit2-0.26.6 and <dev-libs/libgit2-0.27.4! The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c22582f2f5edd207a7d2dbe15d549701d04a3986 commit c22582f2f5edd207a7d2dbe15d549701d04a3986 Author: Michał Górny <mgorny@gentoo.org> AuthorDate: 2018-08-08 02:55:02 +0000 Commit: Michał Górny <mgorny@gentoo.org> CommitDate: 2018-08-08 02:55:02 +0000 dev-libs/libgit2: Remove vulnerable versions Bug: https://bugs.gentoo.org/662994 dev-libs/libgit2/Manifest | 2 - dev-libs/libgit2/libgit2-0.26.5.ebuild | 80 ---------------------------------- dev-libs/libgit2/libgit2-0.27.3.ebuild | 80 ---------------------------------- 3 files changed, 162 deletions(-) |