Summary: | <net-libs/libetpan-1.9.4-r1: Information disclosure via TLS mishandling (CVE-2020-15953) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | polynomial-c |
Priority: | Normal | Flags: | nattka:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/dinhvh/libetpan/issues/386 | ||
Whiteboard: | B4 [glsa+ cve] | ||
Package list: |
=net-libs/libetpan-1.9.4-r1
|
Runtime testing required: | --- |
Bug Depends on: | |||
Bug Blocks: | 807352 |
Description
John Helmert III
2020-07-27 18:18:13 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d7fe2e20aa1d6cecd9b076e4f0bbe06911576c66 commit d7fe2e20aa1d6cecd9b076e4f0bbe06911576c66 Author: Lars Wendler <polynomial-c@gentoo.org> AuthorDate: 2020-07-27 18:29:18 +0000 Commit: Lars Wendler <polynomial-c@gentoo.org> CommitDate: 2020-07-27 18:30:34 +0000 net-libs/libetpan: Security revbump to fix CVE-2020-15953 Bug: https://bugs.gentoo.org/734130 Package-Manager: Portage-3.0.1, Repoman-2.3.23 Signed-off-by: Lars Wendler <polynomial-c@gentoo.org> .../files/libetpan-1.9.4-CVE-2020-15953.patch | 86 ++++++++++++++++++++++ net-libs/libetpan/libetpan-1.9.4-r1.ebuild | 78 ++++++++++++++++++++ 2 files changed, 164 insertions(+) GLSA vote: yes x86 stable amd64 stable This issue was resolved and addressed in GLSA 202007-55 at https://security.gentoo.org/glsa/202007-55 by GLSA coordinator Sam James (sam_c). Reopening for remaining arches. sparc stable ppc64 stable ppc stable hppa stable. Last arch, closing. Ups, sorry. (In reply to Rolf Eike Beer from comment #11) > Ups, sorry. No worries. Please cleanup. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8bd0471b2367f4fa7a9f12bf333178b4f7e33f90 commit 8bd0471b2367f4fa7a9f12bf333178b4f7e33f90 Author: Lars Wendler <polynomial-c@gentoo.org> AuthorDate: 2020-07-30 21:15:03 +0000 Commit: Lars Wendler <polynomial-c@gentoo.org> CommitDate: 2020-07-30 21:15:33 +0000 net-libs/libetpan: Security cleanup Bug: https://bugs.gentoo.org/734130 Package-Manager: Portage-3.0.1, Repoman-2.3.23 Signed-off-by: Lars Wendler <polynomial-c@gentoo.org> net-libs/libetpan/Manifest | 1 - .../files/libetpan-1.9.3-missing-stddev_h.patch | 30 --------- net-libs/libetpan/libetpan-1.9.3.ebuild | 77 ---------------------- net-libs/libetpan/libetpan-1.9.4.ebuild | 77 ---------------------- 4 files changed, 185 deletions(-) Thanks everyone! All done, closing. |