Summary: | <net-libs/mbedtls-{2.16.10,2.26.0}: multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | blueness |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/ARMmbed/mbedtls/releases/tag/v2.26.0 | ||
Whiteboard: | B3 [glsa+] | ||
Package list: | Runtime testing required: | --- |
Description
John Helmert III
2021-03-25 21:07:41 UTC
Its ready: KEYWORDS="amd64 arm arm64 ppc ppc64 x86" arm64 done x86 done arm done ppc64 done ppc done amd64 done all arches done Please cleanup. (In reply to John Helmert III from comment #8) > Please cleanup. done The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d6dc616c9f12063cec31a32c56b5068f4542b00c commit d6dc616c9f12063cec31a32c56b5068f4542b00c Author: John Helmert III <ajak@gentoo.org> AuthorDate: 2021-04-06 14:52:04 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2021-04-06 15:09:44 +0000 net-libs/mbedtls: drop 2.24.0 (security) Bug: https://bugs.gentoo.org/778254 Acked-By: Anthony Basile <blueness@gentoo.org> Package-Manager: Portage-3.0.18, Repoman-3.0.3 Signed-off-by: John Helmert III <ajak@gentoo.org> net-libs/mbedtls/Manifest | 1 - net-libs/mbedtls/mbedtls-2.24.0.ebuild | 95 ---------------------------------- 2 files changed, 96 deletions(-) Added to existing request Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. GLSA request filed. Still need CVEs, I guess. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=f524f5fa47d9d739280d4530623a93084918da39 commit f524f5fa47d9d739280d4530623a93084918da39 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2023-01-11 05:19:06 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2023-01-11 05:22:06 +0000 [ GLSA 202301-08 ] Mbed TLS: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/730752 Bug: https://bugs.gentoo.org/740108 Bug: https://bugs.gentoo.org/764317 Bug: https://bugs.gentoo.org/778254 Bug: https://bugs.gentoo.org/801376 Bug: https://bugs.gentoo.org/829660 Bug: https://bugs.gentoo.org/857813 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: John Helmert III <ajak@gentoo.org> glsa-202301-08.xml | 62 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 62 insertions(+) GLSA released, all done! |