Summary: | <app-containers/cosign-1.13.0: false positive verification | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | trivial | CC: | williamh |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/sigstore/cosign/security/advisories/GHSA-vjxv-45g9-9296 | ||
See Also: | https://bugs.gentoo.org/show_bug.cgi?id=870160 | ||
Whiteboard: | ~3 [noglsa] | ||
Package list: | Runtime testing required: | --- |
Description
John Helmert III
2022-08-08 16:33:33 UTC
commit 1d7282c8cb9e2c88da3a612d5f12e89c03b9b4d7 Author: William Hubbs <williamh@gentoo.org> Date: Mon Oct 17 09:32:24 2022 -0500 app-containers/cosign: add 1.13.0 Signed-off-by: William Hubbs <williamh@gentoo.org> Please cleanup. The earliest version in the tree is 1.12.1. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1d6cb09ba0620b498bac7aea3f8830301b51e403 commit 1d6cb09ba0620b498bac7aea3f8830301b51e403 Author: William Hubbs <williamh@gentoo.org> AuthorDate: 2022-10-17 14:38:12 +0000 Commit: William Hubbs <williamh@gentoo.org> CommitDate: 2022-10-17 14:39:12 +0000 app-containers/cosign: drop 1.10.0, 1.12.1 Bug: https://bugs.gentoo.org/864436 Bug: https://bugs.gentoo.org/870160 Signed-off-by: William Hubbs <williamh@gentoo.org> app-containers/cosign/Manifest | 4 --- app-containers/cosign/cosign-1.10.0.ebuild | 33 ------------------ app-containers/cosign/cosign-1.12.1.ebuild | 29 ---------------- .../cosign/files/cosign-1.10.0-fix-makefile.patch | 40 ---------------------- 4 files changed, 106 deletions(-) Thanks! |