Summary: | <media-libs/libass-0.15.0: integer overflows (CVE-2020-26682) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | media-video |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/libass/libass/pull/432 | ||
Whiteboard: | A3 [glsa+ cve] | ||
Package list: |
media-libs/libass-0.15.0
|
Runtime testing required: | --- |
Description
John Helmert III
2020-10-04 02:05:57 UTC
Patch is merged. Now in a release - 0.15.0 The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=60e86f87dbc988fd780af5a24d21181bf75ae6d7 commit 60e86f87dbc988fd780af5a24d21181bf75ae6d7 Author: Sam James <sam@gentoo.org> AuthorDate: 2020-11-20 04:49:52 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2020-11-20 04:50:59 +0000 media-libs/libass: security bump to 0.15.0 Bug: https://bugs.gentoo.org/746413 Package-Manager: Portage-3.0.9, Repoman-3.0.2 Signed-off-by: Sam James <sam@gentoo.org> media-libs/libass/Manifest | 1 + media-libs/libass/libass-0.15.0.ebuild | 42 ++++++++++++++++++++++++++++++++++ 2 files changed, 43 insertions(+) ~hppa is fine amd64 done x86 stable arm64 done arm done ppc/ppc64 stable sparc stable The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8c61a2238d5f7e0e0b7e74bfbfd8bba583d6bea8 commit 8c61a2238d5f7e0e0b7e74bfbfd8bba583d6bea8 Author: John Helmert III <jchelmert3@posteo.net> AuthorDate: 2020-12-06 16:47:17 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2020-12-07 03:56:18 +0000 media-libs/libass: security cleanup (<0.15.0) Bug: https://bugs.gentoo.org/746413 Package-Manager: Portage-3.0.11, Repoman-3.0.2 Signed-off-by: John Helmert III <jchelmert3@posteo.net> Closes: https://github.com/gentoo/gentoo/pull/18533 Signed-off-by: Sam James <sam@gentoo.org> media-libs/libass/Manifest | 1 - media-libs/libass/libass-0.14.0.ebuild | 45 ---------------------------------- media-libs/libass/metadata.xml | 3 --- 3 files changed, 49 deletions(-) New GLSA request filed. This issue was resolved and addressed in GLSA 202012-12 at https://security.gentoo.org/glsa/202012-12 by GLSA coordinator Thomas Deutschmann (whissi). |