Summary: | <dev-db/mongodb-{4.0.20,4.2.10}: multiple vulnerabilities (CVE-2019-2392, CVE-2020-{7925,7928}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | IN_PROGRESS --- | ||
Severity: | minor | CC: | ultrabug |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B3 [glsa?] | ||
Package list: | Runtime testing required: | No |
Description
John Helmert III
2020-12-20 08:11:34 UTC
ultrabug: ping, ready? Unable to check for sanity:
> no match for package: dev-db/mongodb-4.2.10
It's time we get rid of pmasked packages and vulnerable ones yes, I've done this first: * commit 53e1b1668820ffaa146ca8806fd9e2a36e550662 (HEAD -> master, origin/master, origin/HEAD) | Author: Alexys Jacob <ultrabug@gentoo.org> | Date: Mon Jan 18 11:40:51 2021 +0100 | | dev-db/mongodb: drop pmasked and vulnerable wrt #760827 | | Package-Manager: Portage-3.0.13, Repoman-3.0.2 | Signed-off-by: Alexys Jacob <ultrabug@gentoo.org> | --- | 10 files changed, 945 deletions(-) (In reply to Ultrabug from comment #3) > It's time we get rid of pmasked packages and vulnerable ones yes, I've done > this first: > > * commit 53e1b1668820ffaa146ca8806fd9e2a36e550662 (HEAD -> master, > origin/master, origin/HEAD) > | Author: Alexys Jacob <ultrabug@gentoo.org> > | Date: Mon Jan 18 11:40:51 2021 +0100 > | > | dev-db/mongodb: drop pmasked and vulnerable wrt #760827 > | > | Package-Manager: Portage-3.0.13, Repoman-3.0.2 > | Signed-off-by: Alexys Jacob <ultrabug@gentoo.org> > | --- > | 10 files changed, 945 deletions(-) How about 4.2.8? Do we need to stable 4.2.11? yes we need to stable 4.2.11 before we can get rid of 4.2.8 (In reply to Ultrabug from comment #5) > yes we need to stable 4.2.11 before we can get rid of 4.2.8 Ok, please proceed when ready then! (In reply to Ultrabug from comment #5) > yes we need to stable 4.2.11 before we can get rid of 4.2.8 Ready? Yes please start stabilization, thank you! amd64 done all arches done Please cleanup Cleanup done, tree is clean (In reply to Ultrabug from comment #11) > Cleanup done, tree is clean Thank you! Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. |