Summary: | <media-libs/libvorbis-1.3.6-r1: multiple vulnerabilities (CVE-2018-{10392,10393}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | GLSAMaker/CVETool Bot <glsamaker> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | sound |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | A3 [glsa+ cve] | ||
Package list: |
media-libs/libvorbis-1.3.6-r1
|
Runtime testing required: | --- |
Bug Depends on: | |||
Bug Blocks: | 631646 | ||
Deadline: | 2019-12-06 |
Description
GLSAMaker/CVETool Bot
2019-11-11 18:12:27 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=733260c31ddf36bc2450e9675eddc93329ab171d commit 733260c31ddf36bc2450e9675eddc93329ab171d Author: Thomas Deutschmann <whissi@gentoo.org> AuthorDate: 2019-12-03 00:25:04 +0000 Commit: Thomas Deutschmann <whissi@gentoo.org> CommitDate: 2019-12-03 00:25:19 +0000 media-libs/libvorbis: security bump Bug: https://bugs.gentoo.org/631646 Bug: https://bugs.gentoo.org/699862 Package-Manager: Portage-2.3.80, Repoman-2.3.19 Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> .../files/libvorbis-1.3.6-CVE-2017-14160.patch | 29 +++++++++++ .../files/libvorbis-1.3.6-CVE-2018-10392.patch | 25 +++++++++ media-libs/libvorbis/libvorbis-1.3.6-r1.ebuild | 60 ++++++++++++++++++++++ 3 files changed, 114 insertions(+) Let's wait a few days, ebuild was migrated from EAPI 5 -> 7. New GLSA request filed. sparc stable This issue was resolved and addressed in GLSA 202003-36 at https://security.gentoo.org/glsa/202003-36 by GLSA coordinator Thomas Deutschmann (whissi). hppa stable Re-opening for remaining architectures. arm64 stable amd64 stable arm stable ppc stable ppc64 stable ia64 stable x86 stable. Maintainer(s), please cleanup. Resetting sanity check; keywords are not fully specified and arches are not CC-ed. @maintainer(s), ping, please cleanup The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4a47277387474dd88ccd83c1f35247c291c3eb2a commit 4a47277387474dd88ccd83c1f35247c291c3eb2a Author: Aaron Bauman <bman@gentoo.org> AuthorDate: 2020-06-20 01:17:22 +0000 Commit: Aaron Bauman <bman@gentoo.org> CommitDate: 2020-06-20 01:17:22 +0000 media-libs/libvorbis: drop vulnerable Bug: https://bugs.gentoo.org/699862 Signed-off-by: Aaron Bauman <bman@gentoo.org> media-libs/libvorbis/libvorbis-1.3.6.ebuild | 39 ----------------------------- 1 file changed, 39 deletions(-) |