Summary: | <sys-apps/firejail-0.9.60-r1: unauthorized disclosure of information (CVE-2019-12499) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | D'juan McDonald (domhnall) <flopwiki> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | expeditioneer, fingerfehler, maintainer-needed |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/netblue30/firejail/issues/2401 | ||
Whiteboard: | B4 [noglsa cve] | ||
Package list: |
sys-apps/firejail-0.9.60-r1
|
Runtime testing required: | --- |
Bug Depends on: | |||
Bug Blocks: | 678976, 687612 |
Description
D'juan McDonald (domhnall)
2019-06-01 02:56:17 UTC
This "was fixed in 0.9.60, 0.9.56.2-LTS" [1]. [1]: https://firejail.wordpress.com/download-2/cve-status/ Maintainer, do you intend to bump the LTS release? Hi Aron, yes the ebuild of the firejail LTS version was bumped to 0.9.56.2. Best regards, Dennis (In reply to Dennis Lamm from comment #2) > Hi Aron, > > yes the ebuild of the firejail LTS version was bumped to 0.9.56.2. > > Best regards, > Dennis Ah, now I see there is a separate package for LTS. Please call for stable when ready so we can proceed to remove the vulnerable ebuilds. *** Bug 693774 has been marked as a duplicate of this bug. *** *** Bug 693776 has been marked as a duplicate of this bug. *** amd64 stable. Maintainer(s), please cleanup. Security, please vote. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1f4499a201d0bc9431172b00cbd52f1d0943bdba commit 1f4499a201d0bc9431172b00cbd52f1d0943bdba Author: Thomas Deutschmann <whissi@gentoo.org> AuthorDate: 2020-03-15 21:42:47 +0000 Commit: Thomas Deutschmann <whissi@gentoo.org> CommitDate: 2020-03-15 21:43:39 +0000 sys-apps/firejail-lts: amd64 stable Bug: https://bugs.gentoo.org/687108 Package-Manager: Portage-2.3.94, Repoman-2.3.21 Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> sys-apps/firejail-lts/firejail-lts-0.9.56.2-r1.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Repository is clean, all done! |