Summary: | <sys-fs/fuseiso-20070708-r3: Multiple vulnerabilities (CVE-2015-8837) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | mgorny, proxy-maint, zhaoxiaoqiang007 |
Priority: | Normal | Flags: | nattka:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
See Also: | https://bugs.gentoo.org/show_bug.cgi?id=633290 | ||
Whiteboard: | B2 [glsa+ cve] | ||
Package list: |
sys-fs/fuseiso-20070708-r3
|
Runtime testing required: | --- |
Description
Sam James
2020-03-18 22:15:48 UTC
@maintainer(s), please create a suitable ebuild (IMO: apply the patches from Debian linked above). @maintainer, ping. ping.. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=675031ceeb5731701376347641f857d3d00c8322 commit 675031ceeb5731701376347641f857d3d00c8322 Author: Sam James <sam@gentoo.org> AuthorDate: 2020-07-19 19:06:17 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2020-07-19 19:06:17 +0000 sys-fs/fuseiso: revbump for security patches This fixes CVE-2015-8837 and another possible vulnerability using patches from Debian. Bug: https://bugs.gentoo.org/713328 Package-Manager: Portage-2.3.103, Repoman-2.3.23 Signed-off-by: Sam James <sam@gentoo.org> .../files/fuseiso-20070708-CVE-2015-8837.patch | 35 ++++++++++++++++++++++ .../files/fuseiso-20070708-integer-overflow.patch | 16 ++++++++++ sys-fs/fuseiso/fuseiso-20070708-r3.ebuild | 28 +++++++++++++++++ 3 files changed, 79 insertions(+) x86 stable amd64 stable. Please cleanup. This issue was resolved and addressed in GLSA 202007-20 at https://security.gentoo.org/glsa/202007-20 by GLSA coordinator Sam James (sam_c). (In reply to GLSAMaker/CVETool Bot from comment #7) > This issue was resolved and addressed in > GLSA 202007-20 at https://security.gentoo.org/glsa/202007-20 > by GLSA coordinator Sam James (sam_c). Reopening for cleanup. The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f21c97c1fbade4e7fadee7a1e18b880976164416 commit f21c97c1fbade4e7fadee7a1e18b880976164416 Author: Sam James <sam@gentoo.org> AuthorDate: 2020-07-27 02:31:16 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2020-07-27 03:15:17 +0000 sys-fs/fuseiso: security cleanup Closes: https://bugs.gentoo.org/713328 Package-Manager: Portage-3.0.0, Repoman-2.3.23 Signed-off-by: Sam James <sam@gentoo.org> sys-fs/fuseiso/fuseiso-20070708-r2.ebuild | 22 ---------------------- 1 file changed, 22 deletions(-) |