Summary: | <net-mail/isync-{1.3.6, 1.4.2}: possible remote code execution (CVE-2021-3578) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Kenton Groombridge <concord> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | gyakovlev, sam |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://www.openwall.com/lists/oss-security/2021/06/07/1 | ||
Whiteboard: | B2 [glsa+] | ||
Package list: |
net-mail/isync-1.3.6
|
Runtime testing required: | --- |
Description
Kenton Groombridge
2021-06-07 15:09:36 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f35a7a7604140062a2edba6efd2c94ab54866120 commit f35a7a7604140062a2edba6efd2c94ab54866120 Author: Sam James <sam@gentoo.org> AuthorDate: 2021-06-07 06:56:32 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2021-06-07 07:13:56 +0000 net-mail/isync: add 1.4.2 Bug: https://bugs.gentoo.org/794772 Signed-off-by: Sam James <sam@gentoo.org> net-mail/isync/Manifest | 1 + net-mail/isync/isync-1.4.2.ebuild | 43 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 44 insertions(+) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=953ae581d25b29bc8fbf8f7c8c1139f67a74ceef commit 953ae581d25b29bc8fbf8f7c8c1139f67a74ceef Author: Sam James <sam@gentoo.org> AuthorDate: 2021-06-07 06:56:05 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2021-06-07 07:13:55 +0000 net-mail/isync: add 1.3.6 Bug: https://bugs.gentoo.org/794772 Signed-off-by: Sam James <sam@gentoo.org> net-mail/isync/Manifest | 1 + net-mail/isync/isync-1.3.6.ebuild | 42 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 43 insertions(+) x86 done amd64 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cb486917023ba6db5019f39b73db1bc9c5a2f67d commit cb486917023ba6db5019f39b73db1bc9c5a2f67d Author: Georgy Yakovlev <gyakovlev@gentoo.org> AuthorDate: 2021-07-24 06:19:24 +0000 Commit: Georgy Yakovlev <gyakovlev@gentoo.org> CommitDate: 2021-07-24 06:19:24 +0000 net-mail/isync: drop 1.4.1 Bug: https://bugs.gentoo.org/794772 Signed-off-by: Georgy Yakovlev <gyakovlev@gentoo.org> net-mail/isync/Manifest | 1 - net-mail/isync/isync-1.4.1.ebuild | 43 --------------------------------------- 2 files changed, 44 deletions(-) Nothing to do here anymore Keywords are not fully specified and arches are not CC-ed for the following packages: - =net-mail/isync-1.3.6 Request filed The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=d94e53c09885e53ce1daaa7089692d4054a2cb38 commit d94e53c09885e53ce1daaa7089692d4054a2cb38 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2022-08-10 22:30:18 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2022-08-10 22:33:14 +0000 [ GLSA 202208-15 ] isync: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/771738 Bug: https://bugs.gentoo.org/794772 Bug: https://bugs.gentoo.org/826902 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: John Helmert III <ajak@gentoo.org> glsa-202208-15.xml | 47 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) GLSA released, all done! |