140494 – x11-libs/openmotif - security cleanup needed

Bug 140494 - x11-libs/openmotif - security cleanup needed

Summary: x11-libs/openmotif - security cleanup needed

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	New packages (show other bugs)
Hardware:	All Linux

Importance:	High normal (vote)
Assignee:	No maintainer - Look at https://wiki.gentoo.org/wiki/Project:Proxy_Maintainers if you want to take care of it

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:	146062 160056
	Show dependency tree

Reported:	2006-07-15 07:27 UTC by Jakub Moc (RETIRED)
Modified:	2007-12-30 16:49 UTC (History)
CC List:	3 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Jakub Moc (RETIRED) gentoo-dev

2006-07-15 07:27:31 UTC

x11-libs/lesstif-0.93.94-r4: vulnerable via glsa(200503-08) ( ver-rev < 0.94.0-r2 ), affects ('alpha', 'amd64', 'hppa', 'ia64', 'ppc', 'ppc-macos', 'ppc64', 'sparc', 'x86')
x11-libs/lesstif-0.93.94-r4: vulnerable via glsa(200502-06) ( ver < 0.94.0 ), affects ('alpha', 'amd64', 'hppa', 'ia64', 'ppc', 'ppc-macos', 'ppc64', 'sparc', 'x86')
x11-libs/lesstif-0.93.94-r4: vulnerable via glsa(200410-09) ( ver < 0.93.97 ), affects ('alpha', 'amd64', 'hppa', 'ia64', 'ppc', 'ppc-macos', 'ppc64', 'sparc', 'x86')

x11-libs/openmotif-2.1.30-r9: vulnerable via glsa(200512-16) ( ver-rev < 2.2.3-r8 && not ( ver = 2.1.30 && ver-rev => 2.1.30-r13 ) ), affects ('alpha', 'amd64', 'arm', 'hppa', 'ia64', 'mips', 'ppc', 'ppc-macos', 'ppc64', 'sparc', 'x86')
x11-libs/openmotif-2.2.3-r3: vulnerable via glsa(200512-16) ( ver-rev < 2.2.3-r8 && not ( ver = 2.1.30 && ver-rev => 2.1.30-r13 ) ), affects ('alpha', 'amd64', 'arm', 'hppa', 'ia64', 'mips', 'ppc', 'ppc-macos', 'ppc64', 'sparc', 'x86')

Please, clean up the above. Assigning to treecleaners (orphaned stuff after lanius retired). Thanks.

Comment 1 Alec Warner (RETIRED) archtester

2006-07-15 10:26:21 UTC

Treecleaners doesn't really do this at present, although we may expand it in the future.  Co-ordinate between qa and security.

Comment 2 Chris White (RETIRED) gentoo-dev

2006-08-05 18:48:35 UTC

Insecure versions punted.

Comment 3 Jakub Moc (RETIRED) gentoo-dev

2006-10-20 04:58:55 UTC

(In reply to comment #2)
> Insecure versions punted.

Didn't go well apparently :) 


x11-libs/openmotif-2.2.3-r3: vulnerable via glsa(200512-16) ( ver-rev < 2.2.3-r8 && not ( ver = 2.1.30 && ver-rev >= 2.1.30-r13 ) ), affects ('alpha', 'amd64', 'arm', 'hppa', 'ia64', 'mips', 'ppc', 'ppc-macos', 'ppc64', 'sparc', 'x86')

x11-libs/lesstif-0.93.94-r4: vulnerable via glsa(200503-08) ( ver-rev < 0.94.0-r2 ), affects ('alpha', 'amd64', 'hppa', 'ia64', 'ppc', 'ppc-macos', 'ppc64', 'sparc', 'x86')
x11-libs/lesstif-0.93.94-r4: vulnerable via glsa(200502-06) ( ver < 0.94.0 ), affects ('alpha', 'amd64', 'hppa', 'ia64', 'ppc', 'ppc-macos', 'ppc64', 'sparc', 'x86')
x11-libs/lesstif-0.93.94-r4: vulnerable via glsa(200410-09) ( ver < 0.93.97 ), affects ('alpha', 'amd64', 'hppa', 'ia64', 'ppc', 'ppc-macos', 'ppc64', 'sparc', 'x86')

@mips - you need newer openmotif stable (or drop the stable keyword altogether).

Comment 4 Luca Longinotti (RETIRED) gentoo-dev

2006-11-28 09:41:30 UTC

x11-libs/lesstif-0.93.94-r4 removed, newer openmotif still needs mips stable keyword.
Best regards, CHTEKK.

Comment 5 Jakub Moc (RETIRED) gentoo-dev

2007-11-15 15:27:41 UTC

 28 Sep 2007; Joshua Kinard <kumba@gentoo.org> openmotif-2.3.0.ebuild:
  Stable on mips, per #183736.

Someone please punt <=x11-libs/openmotif-2.2.3-r3 finally and close the bug.

Comment 6 Petteri Räty (RETIRED) gentoo-dev

2007-12-30 16:49:24 UTC

(In reply to comment #5)
>  28 Sep 2007; Joshua Kinard <kumba@gentoo.org> openmotif-2.3.0.ebuild:
>   Stable on mips, per #183736.
> 
> Someone please punt <=x11-libs/openmotif-2.2.3-r3 finally and close the bug.
> 

Punted.