Summary: | dev-util/bazel: credential disclosure to external server | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | CONFIRMED --- | ||
Severity: | minor | CC: | perfinion |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/bazelbuild/bazel/security/advisories/GHSA-mxr8-q875-rhwq | ||
Whiteboard: | B4 [ebuild] | ||
Package list: | Runtime testing required: | --- |
Description
John Helmert III
![]() ![]() ![]() ![]() Ah, fixes are indeed in 4.2.3, 5.3.2, 5.4.0: https://github.com/bazelbuild/bazel/pull/16450. Needs bumps. |