Summary: | <net-p2p/nicotine+-3.2.1: DoS via malicious download request | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | slashbeast |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/nicotine-plus/nicotine-plus/issues/1777 | ||
Whiteboard: | B3 [glsa+] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 849701 | ||
Bug Blocks: |
Description
John Helmert III
2022-03-15 21:12:56 UTC
Please cleanup, thanks! The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=67bf62274406a6ce154207e7195df5668a4f9311 commit 67bf62274406a6ce154207e7195df5668a4f9311 Author: Piotr Karbowski <slashbeast@gentoo.org> AuthorDate: 2022-10-19 19:40:29 +0000 Commit: Piotr Karbowski <slashbeast@gentoo.org> CommitDate: 2022-10-19 19:40:29 +0000 net-p2p/nicotine+: drop old. Closes: https://bugs.gentoo.org/835374 Signed-off-by: Piotr Karbowski <slashbeast@gentoo.org> net-p2p/nicotine+/Manifest | 4 ---- net-p2p/nicotine+/nicotine+-2.2.2.ebuild | 41 -------------------------------- net-p2p/nicotine+/nicotine+-3.1.1.ebuild | 41 -------------------------------- net-p2p/nicotine+/nicotine+-3.2.0.ebuild | 41 -------------------------------- net-p2p/nicotine+/nicotine+-3.2.1.ebuild | 41 -------------------------------- 5 files changed, 168 deletions(-) (In reply to Larry the Git Cow from comment #2) > The bug has been closed via the following commit(s): > > https://gitweb.gentoo.org/repo/gentoo.git/commit/ > ?id=67bf62274406a6ce154207e7195df5668a4f9311 > > commit 67bf62274406a6ce154207e7195df5668a4f9311 > Author: Piotr Karbowski <slashbeast@gentoo.org> > AuthorDate: 2022-10-19 19:40:29 +0000 > Commit: Piotr Karbowski <slashbeast@gentoo.org> > CommitDate: 2022-10-19 19:40:29 +0000 > > net-p2p/nicotine+: drop old. > > Closes: https://bugs.gentoo.org/835374 > Signed-off-by: Piotr Karbowski <slashbeast@gentoo.org> > > net-p2p/nicotine+/Manifest | 4 ---- > net-p2p/nicotine+/nicotine+-2.2.2.ebuild | 41 > -------------------------------- > net-p2p/nicotine+/nicotine+-3.1.1.ebuild | 41 > -------------------------------- > net-p2p/nicotine+/nicotine+-3.2.0.ebuild | 41 > -------------------------------- > net-p2p/nicotine+/nicotine+-3.2.1.ebuild | 41 > -------------------------------- > 5 files changed, 168 deletions(-) Again, not what you should do for security bugs. GLSA request filed. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=afaa1e2a7eac94eb6f2ecf1950d5cf22db044f31 commit afaa1e2a7eac94eb6f2ecf1950d5cf22db044f31 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2022-10-31 01:14:04 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2022-10-31 01:40:15 +0000 [ GLSA 202210-20 ] Nicotine+: Denial of Service Bug: https://bugs.gentoo.org/835374 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: John Helmert III <ajak@gentoo.org> glsa-202210-20.xml | 42 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) GLSA released, all done! |