On Monday 18 May 2009, Nico Golde wrote: > slim insecurely generates the x authorization file: > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=529306
Interesting, FWIW..upstream is basically dead so I would assume this is at NeedPatch for now, unless someone comes from the debian bug report.
Apparently this is no longer an issue as of slim 1.3.1-2: <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=529306#56>
Created attachment 220459 [details, diff] Patch from Debian
Created attachment 220471 [details, diff] Patch from Debian Eh OK, I'd rather attach the real patch (instead of the patch to create real patch Debian way)...
Thanks for your comment. Maintainers, please provide a fixed ebuild.
New snapshot is in the tree (bug 306961). I would like to wait a few days before stabilization for any bug reports to arise.
@security team: New snapshot is not any worse than current stable. I endorse adding arches. Feel free... :)
(In reply to comment #7) > @security team: New snapshot is not any worse than current stable. I endorse > adding arches. Feel free... :) > Hmm, I guess we will continue now. Keywords: slim-1.3.1-r5[0]: amd64 ppc ppc64 sparc x86 Keywords: slim-1.3.1_p20091114[0]: ~amd64 ~ppc ~ppc64 ~sparc ~x86
x86 stable
ppc64 done
ppc done
amd64 stable
sparc stable
removing myself, nothing left for me to do.
GLSA vote: NO
Unlikely to be exploited, so my GLSA vote is NO, too. Closing noglsa.