Summary: | dev-perl/Archive-Zip: zip security vulnerability | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Steph L <linux4ibook> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | perl |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B4 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Steph L
2004-10-23 00:29:50 UTC
This looks to be a security bug. I'm re-assigning it to the security team for overview. perl team, pls bump the ebuild Bumped, tested, marked for sparc and x86. PPC, can you check it, confirm it, and mark it? darkspectre worked with me in irc and confirmed this for ppc. marking stable now - security folks, its all up to you for a glsa if you want it. adjusting Severity, removing ppc since it's already stable on ppc __ alpha and amd64, please test Archive-Zip-1.14 and mark it stable if possible current KEYWORDS="x86 sparc ppc" target KEYWORDS="x86 amd64 ppc sparc alpha" Stable on alpha. security, while we are waiting for the last arch to test/mark stable, pls vote on a GLSA This allows to bypass antivirus security, so I would issue one (Low ?), yes. Stable on amd64. The FreeBSD folks have updated their port to 1.14 There is now an official Amavis Security Announcement : http://marc.theaimsgroup.com/?l=amavis-user&m=109882288027259&w=2 http://marc.theaimsgroup.com/?l=amavis-user&m=109882351729093&w=2 We'll have a GLSA on that one. GLSA 200410-31 |