Summary: | <app-backup/btrbk-0.31.2: remote execution in ssh_filter_btrbk.sh (CVE-2021-38173) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Jannik Glückert <jannik.glueckert> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | axel, candrews |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | C2 [glsa+] | ||
Package list: |
app-backup/btrbk-0.31.2 amd64 x86 arm arm64
sys-block/mbuffer-20200929 arm64
|
Runtime testing required: | --- |
Description
Jannik Glückert
2021-08-07 09:38:37 UTC
Sanity check failed:
> app-backup/btrbk-0.31.2
> rdepend arm64 stable profile default/linux/arm64/17.0 (9 total)
> >=sys-block/mbuffer-20180505
All sanity-check issues have been resolved Nice spot, Jannik! Ready to stable, candrews? Nice catch! Let's do it. (In reply to Craig Andrews from comment #4) > Nice catch! > > Let's do it. Cheers! amd64 stable arm done arm64 done x86 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one. Unable to check for sanity:
> no match for package: sys-block/mbuffer-20200929
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e3beef0aac4992903418b978f7c643330ac91a6c commit e3beef0aac4992903418b978f7c643330ac91a6c Author: John Helmert III <ajak@gentoo.org> AuthorDate: 2021-10-17 16:20:02 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2021-10-17 20:36:28 +0000 app-backup/btrbk: drop 0.29.1 Bug: https://bugs.gentoo.org/806962 Signed-off-by: John Helmert III <ajak@gentoo.org> app-backup/btrbk/Manifest | 1 - app-backup/btrbk/btrbk-0.29.1.ebuild | 76 ------------------------------------ 2 files changed, 77 deletions(-) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=0ee61b1ed441ab2406d6bf942ad340257740ad9a commit 0ee61b1ed441ab2406d6bf942ad340257740ad9a Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2024-02-26 12:53:03 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2024-02-26 12:53:25 +0000 [ GLSA 202402-32 ] btrbk: Remote Code Execution Bug: https://bugs.gentoo.org/806962 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202402-32.xml | 42 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) |