Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 299729 - sys-apps/cciss_vol_status-1.06 version bump
Summary: sys-apps/cciss_vol_status-1.06 version bump
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: New packages (show other bugs)
Hardware: All Linux
: High enhancement (vote)
Assignee: Tony Vroon (RETIRED)
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2010-01-05 10:34 UTC by Johan Bergström
Modified: 2010-05-02 15:39 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
cciss_vol_status-1.06.ebuild (cciss_vol_status-1.06.ebuild,614 bytes, text/plain)
2010-01-05 10:37 UTC, Johan Bergström 		Details
1.06-strncmp.patch (1.06-strncmp.patch,347 bytes, patch)
2010-01-05 10:38 UTC, Johan Bergström 		Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Johan Bergström 2010-01-05 10:34:40 UTC 
A new version was released back in november. Yay for new versions!
Comment 1 Johan Bergström 2010-01-05 10:37:28 UTC 
Created attachment 215258 [details]
cciss_vol_status-1.06.ebuild

Here's a quick update of the ebuild. It needs a patch to compile which is attached shortly.
Comment 2 Johan Bergström 2010-01-05 10:38:05 UTC 
Created attachment 215260 [details, diff]
1.06-strncmp.patch

Patch for compiling cciss_vol_status 1.06.
Comment 3 hitachi 2010-02-25 22:14:04 UTC 
Severity should be changed to major. This is more than a version bump:
"You are strongly advised to upgrade from previous version, 1.04 due to a bug in the latter in reporting of logical drive status for logical drives with active spares"
Comment 4 Daniel Nagy 2010-04-19 11:00:53 UTC 
Works fine for me for weeks on amd64 and x86 too.
Comment 5 Tony Vroon (RETIRED) gentoo-dev 2010-05-02 15:38:19 UTC 
I don't agree with the patch in this report; I believe strnlen was a typo (it does indeed require two arguments). strlen is the right thing to do, that way the protection of strncmp remains in place.
Your patch could allow a buffer overflow to take place.
Comment 6 Tony Vroon (RETIRED) gentoo-dev 2010-05-02 15:39:44 UTC 
+*cciss_vol_status-1.06 (02 May 2010)
+
+  02 May 2010; <chainsaw@gentoo.org> +files/1.06-strlen-typo.patch,
+  +cciss_vol_status-1.06.ebuild:
+  Version bump, as requested by Johan Bergström in bug #299729. Patched out
+  a strnlen vs strlen typo.