Summary: | <media-sound/lilypond-2.21.1-r1: Potential unsafe usage of ghostscript (CVE-2020-17353) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | fordfrog, scheme |
Priority: | Normal | Flags: | nattka:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://git.savannah.gnu.org/gitweb/?p=lilypond.git;a=commit;h=b84ea4740f3279516905c5db05f4074e777c16ff | ||
Whiteboard: | B4 [noglsa cve] | ||
Package list: |
media-sound/lilypond-2.21.1-r1
|
Runtime testing required: | --- |
Description
John Helmert III
2020-08-05 17:02:07 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b643169012fae9013d509ef7fc19602450113b77 commit b643169012fae9013d509ef7fc19602450113b77 Author: Miroslav Šulc <fordfrog@gentoo.org> AuthorDate: 2020-08-05 17:57:09 +0000 Commit: Miroslav Šulc <fordfrog@gentoo.org> CommitDate: 2020-08-05 17:57:26 +0000 media-sound/lilypond: fixed cve-2020-17353 Bug: https://bugs.gentoo.org/736074 Package-Manager: Portage-3.0.1, Repoman-2.3.23 Signed-off-by: Miroslav Šulc <fordfrog@gentoo.org> .../files/lilypond-fix-cve-2020-17353.patch | 101 ++++++++++++++++ media-sound/lilypond/lilypond-2.21.1-r1.ebuild | 130 +++++++++++++++++++++ ...ond-2.21.4.ebuild => lilypond-2.21.4-r1.ebuild} | 1 + 3 files changed, 232 insertions(+) i think 2.21.1-r1 can go stable if needed. (In reply to Miroslav Šulc from comment #2) > i think 2.21.1-r1 can go stable if needed. Thanks. arm64 done amd64 stable x86 stable. Maintainer(s), please cleanup. Security, please vote. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1a38c1ce10a896855b8917a58ffc50bcc693802d commit 1a38c1ce10a896855b8917a58ffc50bcc693802d Author: Miroslav Šulc <fordfrog@gentoo.org> AuthorDate: 2020-08-07 12:04:48 +0000 Commit: Miroslav Šulc <fordfrog@gentoo.org> CommitDate: 2020-08-07 12:04:48 +0000 media-sound/lilypond: removed vulnerable 2.21.1 Bug: https://bugs.gentoo.org/736074 Package-Manager: Portage-3.0.1, Repoman-2.3.23 Signed-off-by: Miroslav Šulc <fordfrog@gentoo.org> media-sound/lilypond/lilypond-2.21.1.ebuild | 129 ---------------------------- 1 file changed, 129 deletions(-) we're clean now (In reply to Miroslav Šulc from comment #8) > we're clean now Thanks! |