Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 873079

Summary: <dev-python/hiredis-2.0.0-r2: integer overflow via bundled hiredis
Product: Gentoo Security Reporter: John Helmert III <ajak>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: python, swegener
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: B2 [glsa+]
Package list:
Runtime testing required: ---
Bug Depends on:    
Bug Blocks: 873076    

Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-09-26 16:41:06 UTC
Reporting so we can GLSA later.
Comment 1 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-10-22 02:00:54 UTC
GLSA request filed.
Comment 2 Larry the Git Cow gentoo-dev 2022-10-31 01:42:08 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=46c10a2105787fddef62e75588d0eed768cad8b5

commit 46c10a2105787fddef62e75588d0eed768cad8b5
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2022-10-31 01:29:20 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2022-10-31 01:40:17 +0000

    [ GLSA 202210-32 ] hiredis, hiredis-py: Multiple Vulnerabilities
    
    Bug: https://bugs.gentoo.org/816318
    Bug: https://bugs.gentoo.org/873079
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 glsa-202210-32.xml | 56 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 56 insertions(+)
Comment 3 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-10-31 02:18:26 UTC
GLSA released, all done!