Summary: | <dev-util/rizin-0.3.0: use-after-free in pyc parsing (CVE-2021-32613) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | trivial | CC: | ajak, sam |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | ~3 [noglsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 792354 |
Description
John Helmert III
2021-05-27 01:55:44 UTC
Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=412eaec7e9d11870fb4b831213d93f422b6b613c commit 412eaec7e9d11870fb4b831213d93f422b6b613c Author: John Helmert III <ajak@gentoo.org> AuthorDate: 2021-10-05 20:35:25 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2021-10-05 20:40:06 +0000 dev-util/rizin: add 0.3.0 Note that tests are restricted due to uncertainty about the licenses of the test binaries. Bug: https://bugs.gentoo.org/792357 Bug: https://bugs.gentoo.org/807067 Signed-off-by: John Helmert III <ajak@gentoo.org> dev-util/rizin/Manifest | 1 + dev-util/rizin/files/rizin-0.3.0-md4-openssl.patch | 100 ++++++++++++++++ .../rizin/files/rizin-0.3.0-typedb-prefix.patch | 132 +++++++++++++++++++++ dev-util/rizin/rizin-0.3.0.ebuild | 103 ++++++++++++++++ 4 files changed, 336 insertions(+) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=64ff47121444571971ac7092180f61cd07bbf58f commit 64ff47121444571971ac7092180f61cd07bbf58f Author: John Helmert III <ajak@gentoo.org> AuthorDate: 2021-10-17 14:09:23 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2021-10-17 16:08:09 +0000 dev-util/rizin: drop 0.2.1 Bug: https://bugs.gentoo.org/807067 Bug: https://bugs.gentoo.org/792357 Signed-off-by: John Helmert III <ajak@gentoo.org> dev-util/rizin/Manifest | 2 - dev-util/rizin/files/rizin-0.2.1-no-rzpipe.patch | 14 ---- dev-util/rizin/rizin-0.2.1.ebuild | 81 ------------------------ 3 files changed, 97 deletions(-) All done! |