Summary: | <net-libs/libssh-0.9.5: Null pointer dereference (CVE-2020-16135) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | ||
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://gitlab.com/libssh/libssh-mirror/-/merge_requests/120 | ||
Whiteboard: | B3 [glsa+ cve] | ||
Package list: | Runtime testing required: | --- |
Description
John Helmert III
2020-07-29 22:59:13 UTC
Upstream told me that it's safe to wait for the upcoming release (which they planned to release in about a month). (In reply to Lars Wendler (Polynomial-C) from comment #1) > Upstream told me that it's safe to wait for the upcoming release (which they > planned to release in about a month). Thanks! Thanks. Tell us when it's ready to stable. Ready? ppc done arm64 done sparc stable ppc64 stable arm done x86 done amd64 done hppa stable. Last arch, closing. Sorry, not my day. (In reply to Rolf Eike Beer from comment #13) > Sorry, not my day. No worries. :) Please cleanup. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=db2e4f147fa025f4a824b3c92125ca3d518a1038 commit db2e4f147fa025f4a824b3c92125ca3d518a1038 Author: Andreas Sturmlechner <asturm@gentoo.org> AuthorDate: 2020-10-15 19:00:53 +0000 Commit: Andreas Sturmlechner <asturm@gentoo.org> CommitDate: 2020-10-15 19:00:53 +0000 net-libs/libssh: Cleanup vulnerable 0.9.4 Bug: https://bugs.gentoo.org/734624 Package-Manager: Portage-3.0.8, Repoman-3.0.1 Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org> net-libs/libssh/Manifest | 1 - net-libs/libssh/libssh-0.9.4.ebuild | 119 ------------------------------------ 2 files changed, 120 deletions(-) This issue was resolved and addressed in GLSA 202011-05 at https://security.gentoo.org/glsa/202011-05 by GLSA coordinator Sam James (sam_c). |