Summary: | <dev-embedded/u-boot-tools-2021.04_rc2: multiple vulnerabilities (CVE-2021-{27097,27138}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED INVALID | ||
Severity: | minor | CC: | embedded |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B3 [noglsa cve] | ||
Package list: | Runtime testing required: | --- |
Description
John Helmert III
2021-02-19 04:52:07 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f4f8e821f7c750d3db6e6828a8cd70dc272c4dbd commit f4f8e821f7c750d3db6e6828a8cd70dc272c4dbd Author: Sergei Trofimovich <slyfox@gentoo.org> AuthorDate: 2021-02-19 08:17:03 +0000 Commit: Sergei Trofimovich <slyfox@gentoo.org> CommitDate: 2021-02-19 08:18:51 +0000 dev-embedded/u-boot-tools: bump up to 2020.04-r2 Bug: https://bugs.gentoo.org/771555 Closes: https://bugs.gentoo.org/745117 Package-Manager: Portage-3.0.14, Repoman-3.0.2 Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org> dev-embedded/u-boot-tools/Manifest | 1 + .../u-boot-tools/u-boot-tools-2021.04_rc2.ebuild | 76 ++++++++++++++++++++++ 2 files changed, 77 insertions(+) Thank you! Let's stabilize if it's suitable. Slyfox: can you offer input on the impact of these? amd64 done x86 done arm done all arches done Please cleanup. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=16b23b9d5ebd4db63a982f8b5b4d62408a1128b4 commit 16b23b9d5ebd4db63a982f8b5b4d62408a1128b4 Author: John Helmert III <ajak@gentoo.org> AuthorDate: 2021-07-23 23:50:13 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2021-07-24 06:21:19 +0000 dev-embedded/u-boot-tools: drop 2020.04-r2 Bug: https://bugs.gentoo.org/771555 Signed-off-by: John Helmert III <ajak@gentoo.org> dev-embedded/u-boot-tools/Manifest | 1 - .../u-boot-tools/u-boot-tools-2020.04-r2.ebuild | 75 ---------------------- 2 files changed, 76 deletions(-) Unable to check for sanity:
> no match for package: dev-embedded/u-boot-tools-2021.04_rc2
Resetting sanity check; package list is empty or all packages are done. the CVE's in question only apply to the bootloader, not to the tools, so they aren't relevant to dev-embedded/u-boot-tools in the first place If the bug is wrong it's invalid. |