Summary: | <sys-cluster/libqb-2.0.8: buffer overflow via long log messages | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Allen Webb <allenwebb> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | IN_PROGRESS --- | ||
Severity: | normal | CC: | ajak, allenwebb, cluster |
Priority: | Normal | Keywords: | PullRequest |
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/ClusterLabs/libqb/pull/490 | ||
See Also: | https://github.com/gentoo/gentoo/pull/36368 | ||
Whiteboard: | B2 [stable?] | ||
Package list: | Runtime testing required: | --- |
Description
Allen Webb
2023-12-04 16:38:37 UTC
Looks like this is fixed in 2.0.8: https://github.com/ClusterLabs/libqb/releases/tag/v2.0.8 On ChromeOS we have moved to libqqb 2.0.8 with the same ebuild as 2.0.4 with just a name change and the newer source archive + digests. https://chromium-review.googlesource.com/c/chromiumos/overlays/chromiumos-overlay/+/5177738 (In reply to Allen Webb from comment #2) > On ChromeOS we have moved to libqqb 2.0.8 with the same ebuild as 2.0.4 with > just a name change and the newer source archive + digests. > > https://chromium-review.googlesource.com/c/chromiumos/overlays/chromiumos- > overlay/+/5177738 Care to make a PR? :) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6b77e756584b035aedf67e85070e578e245e05ea commit 6b77e756584b035aedf67e85070e578e245e05ea Author: Christopher Fore <csfore@posteo.net> AuthorDate: 2024-04-22 23:30:35 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2024-05-03 11:53:39 +0000 sys-cluster/libqb: add 2.0.8, security bump - Bump EAPI 7 -> 8 - Tests pass Bug: https://bugs.gentoo.org/919157 Signed-off-by: Christopher Fore <csfore@posteo.net> Closes: https://github.com/gentoo/gentoo/pull/36368 Signed-off-by: Sam James <sam@gentoo.org> sys-cluster/libqb/Manifest | 1 + sys-cluster/libqb/libqb-2.0.8.ebuild | 68 ++++++++++++++++++++++++++++++++++++ 2 files changed, 69 insertions(+) |