Summary: | <sci-libs/gdal-3.4.1: heap buffer overflow | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | andrewammerlaan, sci-geosciences |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B3 [glsa+] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 830589 | ||
Bug Blocks: |
Description
Sam James
2022-01-01 02:09:17 UTC
It looks like 3.4.1 will be soon. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=188fd670f4bf39726bc0468d7d21fa4f6b666b22 commit 188fd670f4bf39726bc0468d7d21fa4f6b666b22 Author: Sam James <sam@gentoo.org> AuthorDate: 2022-01-04 11:34:40 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-01-04 11:34:40 +0000 sci-libs/gdal: add 3.4.1 Bug: https://bugs.gentoo.org/830370 Signed-off-by: Sam James <sam@gentoo.org> sci-libs/gdal/Manifest | 1 + sci-libs/gdal/gdal-3.4.1.ebuild | 323 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 324 insertions(+) Please cleanup The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c9ffd278f8fe238387a6c34cc3697aa6a4db5a5a commit c9ffd278f8fe238387a6c34cc3697aa6a4db5a5a Author: Andreas Sturmlechner <asturm@gentoo.org> AuthorDate: 2022-02-05 20:27:55 +0000 Commit: Andreas Sturmlechner <asturm@gentoo.org> CommitDate: 2022-02-05 20:40:47 +0000 sci-libs/gdal: Cleanup vulnerable 3.3.3 and 3.4.0 Bug: https://bugs.gentoo.org/830370 Package-Manager: Portage-3.0.30, Repoman-3.0.3 Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org> sci-libs/gdal/Manifest | 2 - sci-libs/gdal/gdal-3.3.3.ebuild | 317 --------------------------------------- sci-libs/gdal/gdal-3.4.0.ebuild | 323 ---------------------------------------- 3 files changed, 642 deletions(-) Thanks! 3.5.0 and 3.5.2 are the only versions we have in ::gentoo at the moment, can this be closed? (In reply to Andrew Ammerlaan from comment #6) > 3.5.0 and 3.5.2 are the only versions we have in ::gentoo at the moment, can > this be closed? We'd like to GLSA. GLSA request filed. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=c4dc0365a64e57602af2af1995c69dadce7e6b29 commit c4dc0365a64e57602af2af1995c69dadce7e6b29 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2022-10-31 01:10:36 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2022-10-31 01:40:14 +0000 [ GLSA 202210-15 ] GDAL: Heap Buffer Overflow Bug: https://bugs.gentoo.org/830370 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: John Helmert III <ajak@gentoo.org> glsa-202210-15.xml | 42 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) GLSA released, all done! |