Summary: | <dev-scheme/racket-8.2: confused deputy attack in sandbox module restriction (CVE-2021-32773) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | scheme |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/racket/racket/security/advisories/GHSA-cgrw-p7p7-937c | ||
Whiteboard: | B4 [noglsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 820197 | ||
Bug Blocks: |
Description
John Helmert III
![]() ![]() ![]() ![]() Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4057b1d7add942eb4da35d7b4ff2695990068bac commit 4057b1d7add942eb4da35d7b4ff2695990068bac Author: Maciej Barć <xgqt@gentoo.org> AuthorDate: 2021-12-03 15:59:43 +0000 Commit: Maciej Barć <xgqt@gentoo.org> CommitDate: 2021-12-03 16:05:38 +0000 dev-scheme/racket: drop old remove vulnerable versions lesser than 8.2 Bug: https://bugs.gentoo.org/803116 Closes: https://bugs.gentoo.org/711098 Closes: https://bugs.gentoo.org/715324 Closes: https://bugs.gentoo.org/749729 Closes: https://bugs.gentoo.org/749735 Closes: https://bugs.gentoo.org/755008 Closes: https://bugs.gentoo.org/779466 Closes: https://bugs.gentoo.org/814899 Package-Manager: Portage-3.0.28, Repoman-3.0.3 Signed-off-by: Maciej Barć <xgqt@gentoo.org> dev-scheme/racket/Manifest | 12 --- dev-scheme/racket/racket-7.0-r1.ebuild | 93 ----------------- dev-scheme/racket/racket-7.1-r1.ebuild | 93 ----------------- dev-scheme/racket/racket-7.2-r1.ebuild | 94 ------------------ dev-scheme/racket/racket-7.3-r1.ebuild | 94 ------------------ dev-scheme/racket/racket-8.0-r1.ebuild | 113 --------------------- dev-scheme/racket/racket-8.1-r1.ebuild | 176 --------------------------------- 7 files changed, 675 deletions(-) Thank you! Still open? All versions < 8.2 gone from the tree (left > 8.5). We can noglsa. All done. |