Summary: | <sys-apps/coreutils-9.4-r1: split heap buffer overflow vulnerability | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | IN_PROGRESS --- | ||
Severity: | normal | CC: | base-system |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://www.openwall.com/lists/oss-security/2024/01/18/2 | ||
Whiteboard: | A2 [glsa cleanup] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 926980 | ||
Bug Blocks: |
Description
Sam James
![]() ![]() ![]() ![]() The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f00b339a42285e269063b7cdecb9d5e726ee2bf7 commit f00b339a42285e269063b7cdecb9d5e726ee2bf7 Author: Sam James <sam@gentoo.org> AuthorDate: 2024-01-30 20:22:06 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2024-01-30 20:49:09 +0000 sys-apps/coreutils: patch CVE-2024-0684 Bug: https://bugs.gentoo.org/922474 Signed-off-by: Sam James <sam@gentoo.org> sys-apps/coreutils/coreutils-9.4-r1.ebuild | 273 +++++++++++++++++++++ .../files/coreutils-9.4-CVE-2024-0684.patch | 31 +++ 2 files changed, 304 insertions(+) I'm avoiding cleaning up 8.32 (still!) because of all the ZFS bugs with CoW, as it's been useful for people to be able to downgrade to it. But 9.4 can go. |