Summary: | dev-lang/mono: nuget credential leak | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | IN_PROGRESS --- | ||
Severity: | normal | CC: | dotnet, maintainer-needed |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/NuGet/Home/issues/11883 | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 908819 |
Description
Sam James
2023-06-17 02:18:00 UTC
@dotnet: could you give us the first fixed versions in gentoo for each of the relevant dotnet sdk pkgs? thanks! The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=15253e35bb941ccae9ac5c9f0201599ed1bd9167 commit 15253e35bb941ccae9ac5c9f0201599ed1bd9167 Author: Sam James <sam@gentoo.org> AuthorDate: 2023-06-17 02:18:07 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-06-17 02:18:07 +0000 dev-lang/mono: add 6.12.0.182 Bug: https://bugs.gentoo.org/908612 Signed-off-by: Sam James <sam@gentoo.org> dev-lang/mono/Manifest | 1 + dev-lang/mono/mono-6.12.0.182.ebuild | 122 +++++++++++++++++++++++++++++++++++ 2 files changed, 123 insertions(+) - dev-dotnet/dotnet-sdk-bin-3.1.423-r4 affected, has NuGet 5.7.2.7 - dev-dotnet/dotnet-sdk-bin-5.0.408-r4 affected, has NuGet 5.11.1.5 Others unaffected. |