Summary: | <dev-lang/nasm-2.15.0: Multiple vulnerabilities (CVE-2020-{24241,24242}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | ajak, slyfox |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B3 [noglsa cve] | ||
Package list: | Runtime testing required: | --- |
Description
Sam James
![]() ![]() ![]() ![]() These are ostensibly against an rc version and I can't reproduce with 2.15.04 so we might not be affected. (In reply to John Helmert III (ajak) from comment #1) > These are ostensibly against an rc version and I can't reproduce with > 2.15.04 so we might not be affected. Sorry, 2.14.02 is what appears unaffected. Ping It's not clear if you ping maintainers or security. If not specified otherwise I always assume assignee. It's also not clear what action you expect. Upstream bugs claim to fix both in problems in >=nasm-2.15.04. (In reply to Sergei Trofimovich from comment #4) > It's not clear if you ping maintainers or security. If not specified > otherwise I always assume assignee. > > It's also not clear what action you expect. Sorry! It is unclear whether our versions in tree were ever affected. If not, we can just close this bug. nasm-2.15.03 was probably last affected version (not in tree anymore). (In reply to Sergei Trofimovich from comment #6) > nasm-2.15.03 was probably last affected version (not in tree anymore). Thanks! |