| Summary: | x11-terms/mrxvt: remote code execution | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | major | CC: | blueness |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | https://seclists.org/oss-sec/2021/q2/145 | ||
| See Also: | https://bugs.gentoo.org/show_bug.cgi?id=790782 | ||
| Whiteboard: | B1 [glsa+] | ||
| Package list: | Runtime testing required: | --- | |
| Bug Depends on: | |||
| Bug Blocks: | 791841 | ||
|
Description
John Helmert III
2021-05-18 23:35:49 UTC
Reporter also indicated this is unpatched upstream. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. (In reply to John Helmert III from comment #1) > Reporter also indicated this is unpatched upstream. which means [upstream], not [ebuild]. duh. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=013aece3cbd4470994b29d49da0a2c0a1e6c8bd3 commit 013aece3cbd4470994b29d49da0a2c0a1e6c8bd3 Author: John Helmert III <ajak@gentoo.org> AuthorDate: 2022-08-15 04:03:21 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2022-08-15 04:04:03 +0000 profiles: last rite x11-terms/mrxvt Bug: https://bugs.gentoo.org/791004 Signed-off-by: John Helmert III <ajak@gentoo.org> profiles/package.mask | 5 +++++ 1 file changed, 5 insertions(+) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=be94e6b541775bb349967bd705ca26bdc6c331ed commit be94e6b541775bb349967bd705ca26bdc6c331ed Author: John Helmert III <ajak@gentoo.org> AuthorDate: 2022-09-18 21:15:21 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2022-09-18 21:15:21 +0000 x11-terms/mrxvt: treeclean Bug: https://bugs.gentoo.org/791004 Signed-off-by: John Helmert III <ajak@gentoo.org> profiles/package.mask | 5 - x11-terms/mrxvt/Manifest | 1 - ...rxvt-0.5.4-001-fix-segfault-when-wd-empty.patch | 13 --- x11-terms/mrxvt/files/mrxvt-0.5.4-fno-common.patch | 20 ---- x11-terms/mrxvt/files/mrxvt-0.5.4-libpng14.patch | 33 ------ x11-terms/mrxvt/metadata.xml | 16 --- x11-terms/mrxvt/mrxvt-0.5.4.ebuild | 121 --------------------- 7 files changed, 209 deletions(-) GLSA request filed GLSA released, all done! The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=9fbcca1ab60420ce206332b616fe5b530b92be69 commit 9fbcca1ab60420ce206332b616fe5b530b92be69 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2022-09-25 13:34:13 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2022-09-25 13:42:20 +0000 [ GLSA 202209-07 ] Mrxvt: Arbitrary Code Execution Bug: https://bugs.gentoo.org/791004 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: John Helmert III <ajak@gentoo.org> glsa-202209-07.xml | 40 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) |