Summary: | <dev-java/snappy-1.1.10.1: multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | IN_PROGRESS --- | ||
Severity: | minor | CC: | fordfrog, java |
Priority: | Normal | Keywords: | PullRequest |
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
See Also: |
https://bugs.gentoo.org/show_bug.cgi?id=908648 https://github.com/gentoo/gentoo/pull/31515 |
||
Whiteboard: | B3 [glsa?] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 916061 | ||
Bug Blocks: |
Description
John Helmert III
2023-06-16 02:49:43 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5fbc771aba4be60c25e01147b4c2790b4eb5ef0e commit 5fbc771aba4be60c25e01147b4c2790b4eb5ef0e Author: Volkmar W. Pogatzki <gentoo@pogatzki.net> AuthorDate: 2023-06-16 14:55:12 +0000 Commit: Miroslav Šulc <fordfrog@gentoo.org> CommitDate: 2023-09-21 06:39:36 +0000 dev-java/snappy: add 1.1.10.1 - CVE-2023-34453, CVE-2023-34454, CVE-2023-34455 Bug: https://bugs.gentoo.org/908557 Signed-off-by: Volkmar W. Pogatzki <gentoo@pogatzki.net> Closes: https://github.com/gentoo/gentoo/pull/31515 Signed-off-by: Miroslav Šulc <fordfrog@gentoo.org> dev-java/snappy/Manifest | 2 + .../snappy-1.1.10.1-SnappyOutputStreamTest.patch | 26 +++++ .../files/snappy-1.1.10.1-unbundle-snappy.patch | 51 +++++++++ dev-java/snappy/snappy-1.1.10.1.ebuild | 124 +++++++++++++++++++++ 4 files changed, 203 insertions(+) the tree is clean now, you can proceed |