Summary: | <app-arch/gnome-autoar-0.3.0: Directory traversal (CVE-2020-36241) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | gnome |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://gitlab.gnome.org/GNOME/gnome-autoar/-/issues/7 | ||
See Also: | https://bugs.gentoo.org/show_bug.cgi?id=777126 | ||
Whiteboard: | A2 [glsa+ cve] | ||
Package list: | Runtime testing required: | --- |
Description
Sam James
2021-02-05 08:51:57 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a5d84331184db5b9158f96f5988ec0aecc239968 commit a5d84331184db5b9158f96f5988ec0aecc239968 Author: Mart Raudsepp <leio@gentoo.org> AuthorDate: 2021-02-14 21:40:41 +0000 Commit: Mart Raudsepp <leio@gentoo.org> CommitDate: 2021-02-14 21:42:37 +0000 app-arch/gnome-autoar: security bump to 0.3.0 Bug: https://bugs.gentoo.org/768828 Package-Manager: Portage-3.0.12, Repoman-3.0.2 Signed-off-by: Mart Raudsepp <leio@gentoo.org> app-arch/gnome-autoar/Manifest | 1 + app-arch/gnome-autoar/gnome-autoar-0.3.0.ebuild | 43 +++++++++++++++++++++++++ 2 files changed, 44 insertions(+) amd64 done x86 done arm64 done all arches done Please cleanup, thanks! The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=edf2666a6b93762b002011d9f707fd8ff5f92da2 commit edf2666a6b93762b002011d9f707fd8ff5f92da2 Author: Mart Raudsepp <leio@gentoo.org> AuthorDate: 2021-02-18 22:18:42 +0000 Commit: Mart Raudsepp <leio@gentoo.org> CommitDate: 2021-02-18 22:19:11 +0000 app-arch/gnome-autoar: security cleanup Bug: https://bugs.gentoo.org/768828 Package-Manager: Portage-3.0.12, Repoman-3.0.2 Signed-off-by: Mart Raudsepp <leio@gentoo.org> app-arch/gnome-autoar/Manifest | 1 - app-arch/gnome-autoar/gnome-autoar-0.2.4.ebuild | 43 ------------------------- 2 files changed, 44 deletions(-) Added to an existing GLSA request. This issue was resolved and addressed in GLSA 202105-10 at https://security.gentoo.org/glsa/202105-10 by GLSA coordinator Thomas Deutschmann (whissi). |