| Summary: | [TRACKER] Multiple vulnerabilities in embedded gnulib (CVE-2017-7476, CVE-2018-17942) | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Sam James <sam> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | Keywords: | Tracker |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| See Also: | https://bugs.gentoo.org/show_bug.cgi?id=600518 | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
| Bug Depends on: | 713104, 714936, 714938, 714940, 714942, 714944, 714948, 714950, 714952, 714954, 714956, 714958, 714960, 714962, 714964, 714966, 714968, 714970, 714972, 714974, 714976, 714978, 714980, 714982, 714984, 714986, 714988, 714990, 714992 | ||
| Bug Blocks: | |||
|
Description
Sam James
2020-03-26 22:19:04 UTC
If one of your packages blocks this bug, please investigate whether it contains a vulnerable version of gnulib -- or if it has in the past, so that we can act accordingly. Please be proactive and let us know about any other gnulib packages which seem to be missing from this tracker. "due to": gnulib is intended to be embedded. FYI: Pretty much all of these are false positives. Do not panic. I'll be checking these more thoroughly later but my script was not right. Having manually checked all the dependants so far, they are all clean. I will reopen any that need to be reopened / file new ones for packages not already listed, but I'll cover this. So do not worry. Thank you for any efforts so far, sorry for the hassle caused! |