Summary: | <app-admin/sysstat-12.2.1 : double free in check_file_actlst() in sa_common.c may lead to arbitrary code execution (CVE-2019-19725) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | GLSAMaker/CVETool Bot <glsamaker> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | jer |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B2 [glsa+ cve] | ||
Package list: |
=app-admin/sysstat-12.2.1
|
Runtime testing required: | --- |
Description
GLSAMaker/CVETool Bot
2020-01-23 21:55:47 UTC
@maintainer(s): Please call for stabilization when ready! (In reply to Thomas Deutschmann from comment #1) > @maintainer(s): Please call for stabilization when ready! The development branch is never ready for stabilisation. 2019/12/27: Version 12.2.1 - Sebastien Godard (sysstat <at> orange.fr) * sadf: Fix double free in check_file_actlst(). amd64 stable hppa/sparc stable x86 stable ppc/ppc64 stable arm stable The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=25edd3619dfe9725db502bad897c2e2fe9edbe64 commit 25edd3619dfe9725db502bad897c2e2fe9edbe64 Author: Jeroen Roovers <jer@gentoo.org> AuthorDate: 2020-02-10 11:11:47 +0000 Commit: Jeroen Roovers <jer@gentoo.org> CommitDate: 2020-02-10 11:12:10 +0000 app-admin/sysstat: Old Package-Manager: Portage-2.3.88, Repoman-2.3.20 Bug: https://bugs.gentoo.org/show_bug.cgi?id=706206 Signed-off-by: Jeroen Roovers <jer@gentoo.org> app-admin/sysstat/Manifest | 2 - app-admin/sysstat/sysstat-12.0.5.ebuild | 81 ------------------------------ app-admin/sysstat/sysstat-12.2.0-r1.ebuild | 81 ------------------------------ 3 files changed, 164 deletions(-) Tree is clean. Resetting sanity check; keywords are not fully specified and arches are not CC-ed. This issue was resolved and addressed in GLSA 202007-22 at https://security.gentoo.org/glsa/202007-22 by GLSA coordinator Sam James (sam_c). |