Bug 931259 (CVE-2024-34402, CVE-2024-34403)

Summary:	<dev-libs/uriparser-0.9.8: multiple vulnerabilities
Product:	Gentoo Security	Reporter:	Sebastian Pipping <sping>
Component:	Vulnerabilities	Assignee:	Sebastian Pipping <sping>
Status:	IN_PROGRESS ---
Severity:	normal
Priority:	Normal
Version:	unspecified
Hardware:	All
OS:	Linux
Whiteboard:
Package list:		Runtime testing required:	---
Bug Depends on:	931260
Bug Blocks:

Description Sebastian Pipping gentoo-dev

2024-05-05 17:23:50 UTC

- https://github.com/uriparser/uriparser/issues/183
- https://github.com/uriparser/uriparser/pull/185
- https://github.com/uriparser/uriparser/pull/186

Bump to 0.9.8 upcoming in a minute…

Comment 1 Larry the Git Cow gentoo-dev

2024-05-05 17:24:44 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=08a036381b2e8d6ffeba7bc6a3ef269ba45de9e4

commit 08a036381b2e8d6ffeba7bc6a3ef269ba45de9e4
Author:     Sebastian Pipping <sping@gentoo.org>
AuthorDate: 2024-05-05 17:19:12 +0000
Commit:     Sebastian Pipping <sping@gentoo.org>
CommitDate: 2024-05-05 17:24:19 +0000

    dev-libs/uriparser: 0.9.8 with security fixes
    
    Bug: https://bugs.gentoo.org/931259
    Signed-off-by: Sebastian Pipping <sping@gentoo.org>

 dev-libs/uriparser/Manifest               |  1 +
 dev-libs/uriparser/uriparser-0.9.8.ebuild | 57 +++++++++++++++++++++++++++++++
 2 files changed, 58 insertions(+)