Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 252403 - <games-arcade/emilia-pinball-0.3.1-r1: bundles its own copy of libltdl
Summary: <games-arcade/emilia-pinball-0.3.1-r1: bundles its own copy of libltdl
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B3 [noglsa]
Keywords:
Depends on:
Blocks: bundled-libs
  Show dependency tree
 
Reported: 2008-12-24 15:57 UTC by Diego Elio Pettenò (RETIRED)
Modified: 2010-11-21 16:20 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Diego Elio Pettenò (RETIRED) gentoo-dev 2008-12-24 15:57:15 UTC
Should be better to check if it can use the system copy.
Comment 1 Samuli Suominen (RETIRED) gentoo-dev 2010-03-05 18:42:47 UTC
+*emilia-pinball-0.3.1-r1 (05 Mar 2010)
+
+  05 Mar 2010; Samuli Suominen <ssuominen@gentoo.org>
+  +emilia-pinball-0.3.1-r1.ebuild,
+  +files/emilia-pinball-0.3.1-libtool.patch:
+  Use system libltdl wrt #252403, thanks to Diego E. 'Flameeyes' Pettenò
+  for reporting.

@security: This is CVE-2009-3736.
Comment 2 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2010-03-06 12:26:54 UTC
x86 stable
Comment 3 Markus Meier gentoo-dev 2010-03-06 13:53:01 UTC
amd64 stable
Comment 4 Joe Jezak (RETIRED) gentoo-dev 2010-03-09 22:31:21 UTC
Marked ppc stable.
Comment 5 Raúl Porcel (RETIRED) gentoo-dev 2010-04-13 18:03:36 UTC
alpha keyword dropped
Comment 6 Samuli Suominen (RETIRED) gentoo-dev 2010-04-13 18:07:37 UTC
all arches done
Comment 7 Tim Sammut (RETIRED) gentoo-dev 2010-11-19 19:13:07 UTC
GLSA Vote: No, binary planting attack against a game.
Comment 8 Stefan Behte (RETIRED) gentoo-dev Security 2010-11-21 16:20:12 UTC
Closing noglsa.