| Summary: | <app-shells/mcfly-0.5.3: depends on vulnerable linked-hash-map crate | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | trivial | CC: | maintainer-needed, mmk, proxy-maint |
| Priority: | Normal | Keywords: | PullRequest |
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | https://rustsec.org/advisories/RUSTSEC-2020-0026.html | ||
| See Also: | https://github.com/gentoo/gentoo/pull/19555 | ||
| Whiteboard: | ~4 [noglsa] | ||
| Package list: | Runtime testing required: | --- | |
|
Description
John Helmert III
2020-10-25 01:51:27 UTC
Looks like the dependency is on 0.5.3 on master. Maintainer, please cleanup potentially vulnerable versions. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a00881bec58afbe2eba620be35549d52e3d162df commit a00881bec58afbe2eba620be35549d52e3d162df Author: Michael Mair-Keimberger <mmk@levelnine.at> AuthorDate: 2021-02-20 09:37:32 +0000 Commit: Joonas Niilola <juippis@gentoo.org> CommitDate: 2021-02-28 09:03:07 +0000 app-shells/mcfly: security cleanup Package-Manager: Portage-3.0.14, Repoman-3.0.2 Signed-off-by: Michael Mair-Keimberger <mmk@levelnine.at> Bug: https://bugs.gentoo.org/751091 Closes: https://github.com/gentoo/gentoo/pull/19555 Signed-off-by: Joonas Niilola <juippis@gentoo.org> app-shells/mcfly/Manifest | 51 ------------------ app-shells/mcfly/mcfly-0.3.6.ebuild | 96 --------------------------------- app-shells/mcfly/mcfly-0.5.2.ebuild | 104 ------------------------------------ app-shells/mcfly/mcfly-0.5.3.ebuild | 104 ------------------------------------ 4 files changed, 355 deletions(-) Thank you! All done. |