Summary: | <app-arch/gnome-autoar-0.3.1: Directory traversal (CVE-2021-28650) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | gnome |
Priority: | Normal | Flags: | nattka:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
See Also: | https://bugs.gentoo.org/show_bug.cgi?id=768828 | ||
Whiteboard: | A2 [glsa+ cve] | ||
Package list: |
app-arch/gnome-autoar-0.3.1
|
Runtime testing required: | --- |
Description
Sam James
2021-03-19 03:50:20 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=51c21938ec3fde06d235145eb7f39bc2d7002869 commit 51c21938ec3fde06d235145eb7f39bc2d7002869 Author: Matt Turner <mattst88@gentoo.org> AuthorDate: 2021-03-20 23:40:58 +0000 Commit: Matt Turner <mattst88@gentoo.org> CommitDate: 2021-03-20 23:43:19 +0000 app-arch/gnome-autoar: Version bump to 0.3.1 Bug: https://bugs.gentoo.org/777126 Signed-off-by: Matt Turner <mattst88@gentoo.org> app-arch/gnome-autoar/Manifest | 1 + app-arch/gnome-autoar/gnome-autoar-0.3.1.ebuild | 43 +++++++++++++++++++++++++ 2 files changed, 44 insertions(+) Thank you! Please proceed with stabilization when ready. Ping arm64 done amd64 stable x86 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8089d0f5e111b06dc93296016f2bdde74d354c8e commit 8089d0f5e111b06dc93296016f2bdde74d354c8e Author: Matt Turner <mattst88@gentoo.org> AuthorDate: 2021-03-29 15:22:35 +0000 Commit: Matt Turner <mattst88@gentoo.org> CommitDate: 2021-03-29 15:22:55 +0000 app-arch/gnome-autoar: Drop old versions Bug: https://bugs.gentoo.org/777126 Signed-off-by: Matt Turner <mattst88@gentoo.org> app-arch/gnome-autoar/Manifest | 1 - app-arch/gnome-autoar/gnome-autoar-0.3.0.ebuild | 43 ------------------------- 2 files changed, 44 deletions(-) Thanks! New GLSA request filed. This issue was resolved and addressed in GLSA 202105-10 at https://security.gentoo.org/glsa/202105-10 by GLSA coordinator Thomas Deutschmann (whissi). |