Summary: | <xfce-base/thunar-{4.16.8, 4.17.3}: File type confusion vulnerability (CVE-2021-32563) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | mgorny, xfce |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B2 [glsa+] | ||
Package list: |
xfce-base/thunar-4.16.8
|
Runtime testing required: | --- |
Description
Sam James
2021-05-11 07:58:15 UTC
Can we stable 4.16.8 (or, unlikely, 4.17.3)? Sure, let's do it. x86 done amd64 done arm done ppc done ppc64 done arm64 done all arches done Please cleanup. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a44a5e315a6bd08d50edf26134b8b38e880557ad commit a44a5e315a6bd08d50edf26134b8b38e880557ad Author: Michał Górny <mgorny@gentoo.org> AuthorDate: 2021-05-13 19:24:39 +0000 Commit: Michał Górny <mgorny@gentoo.org> CommitDate: 2021-05-13 19:31:40 +0000 xfce-base/thunar: Remove old Bug: https://bugs.gentoo.org/789396 Signed-off-by: Michał Górny <mgorny@gentoo.org> xfce-base/thunar/Manifest | 4 -- xfce-base/thunar/thunar-4.16.6.ebuild | 76 ----------------------------------- xfce-base/thunar/thunar-4.16.7.ebuild | 76 ----------------------------------- xfce-base/thunar/thunar-4.17.1.ebuild | 76 ----------------------------------- xfce-base/thunar/thunar-4.17.2.ebuild | 76 ----------------------------------- 5 files changed, 308 deletions(-) Unable to check for sanity:
> no match for package: xfce-base/thunar-4.16.8
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=250c9b32b3a14eab714b691afb47b9c52cb12946 commit 250c9b32b3a14eab714b691afb47b9c52cb12946 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2024-02-18 10:48:22 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2024-02-18 10:48:43 +0000 [ GLSA 202402-20 ] Thunar: Arbitrary Code Execution Bug: https://bugs.gentoo.org/789396 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202402-20.xml | 45 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) |