Summary: | <net-misc/ntpsec-1.1.7-r1: outdated systemd unit file allows for (CVE-2015-5300) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Alessandro Barbieri <lssndrbarbieri> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | blueness, nerdboy |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/ntpsec/ntpsec/commit/8459d15f8cf19a54cf149779d0d967883aa5c6b4 | ||
Whiteboard: | B3 [noglsa cve] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 694748 | ||
Bug Blocks: |
Description
Alessandro Barbieri
2019-10-09 00:15:23 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=def2c6ace829ce9e98c8963802a0b3baf916ac72 commit def2c6ace829ce9e98c8963802a0b3baf916ac72 Author: Thomas Deutschmann <whissi@gentoo.org> AuthorDate: 2019-10-26 17:49:47 +0000 Commit: Thomas Deutschmann <whissi@gentoo.org> CommitDate: 2019-10-26 17:50:54 +0000 net-misc/ntpsec: update unit file to avoid CVE-2015-5300 Bug: https://bugs.gentoo.org/697024 Package-Manager: Portage-2.3.78, Repoman-2.3.17 Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> net-misc/ntpsec/files/ntpd-r1.service | 19 +++++++++++++++++++ .../{ntpsec-1.1.7.ebuild => ntpsec-1.1.7-r1.ebuild} | 2 +- net-misc/ntpsec/ntpsec-9999.ebuild | 2 +- 3 files changed, 21 insertions(+), 2 deletions(-) Maintainer(s), please drop the vulnerable version(s). GLSA Vote: No Unable to check for sanity:
> dependent bug #694748 is missing keywords
Resetting sanity check; package list is empty or all packages are done. Cleanup is part of bug 694748 Thank you all for you work. Closing as [noglsa]. |