Summary: | media-sound/clementine: multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED INVALID | ||
Severity: | normal | CC: | alexey+gentoo, polynomial-c, proxy-maint, sound |
Priority: | Normal | Keywords: | PullRequest |
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
See Also: |
https://github.com/clementine-player/Clementine/issues/7134 https://github.com/gentoo/gentoo/pull/26952 |
||
Whiteboard: | B2 [upstream?] | ||
Package list: | Runtime testing required: | --- |
Description
John Helmert III
2021-12-15 23:58:36 UTC
According to DarthGandalf on the Github PR, "The security bug affects only the windows build because it uses an old dependency in the installer. It probably can be closed already, but with the new release we can be 100% sure the old dependency is not there anymore" The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=dda6c61790f0781c8954410f0085dacfa2abd21a commit dda6c61790f0781c8954410f0085dacfa2abd21a Author: Alexey Sokolov <alexey+gentoo@asokolov.org> AuthorDate: 2022-08-21 22:10:35 +0000 Commit: Joonas Niilola <juippis@gentoo.org> CommitDate: 2022-09-14 06:08:46 +0000 media-sound/clementine: version 1.4.0_rc2 Closes: https://bugs.gentoo.org/865939 Bug: https://bugs.gentoo.org/829307 Package-Manager: Portage-3.0.30, Repoman-3.0.3 Signed-off-by: Alexey Sokolov <alexey+gentoo@asokolov.org> Closes: https://github.com/gentoo/gentoo/pull/26952 Signed-off-by: Joonas Niilola <juippis@gentoo.org> media-sound/clementine/Manifest | 1 + media-sound/clementine/clementine-1.4.0_rc2.ebuild | 164 +++++++++++++++++++++ media-sound/clementine/clementine-9999.ebuild | 40 ++--- 3 files changed, 180 insertions(+), 25 deletions(-) |