Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 419375 (CVE-2012-2653) - <net-analyzer/arpwatch-2.1.15-r8 Insufficient drop of privileges (CVE-2012-2653)
Summary: <net-analyzer/arpwatch-2.1.15-r8 Insufficient drop of privileges (CVE-2012-2653)
Alias: CVE-2012-2653
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal major (vote)
Assignee: Gentoo Security
Whiteboard: B1 [glsa]
Depends on:
Reported: 2012-06-02 16:39 UTC by Michael Weber (RETIRED)
Modified: 2016-07-20 12:06 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Michael Weber (RETIRED) gentoo-dev 2012-06-02 16:39:04 UTC
I just took a look at the patchset 
and i think the mentioned code lines are in 

Comment 1 Michael Weber (RETIRED) gentoo-dev 2012-06-02 16:41:02 UTC
Personally debian gave me the hint:
Comment 2 Aaron Bauman (RETIRED) gentoo-dev 2016-02-21 06:35:55 UTC
Previous comments have proper link to other distro patches.  Maintainer/project please bump with appropriate patch.  No rdeps present so this is a candidate for tree cleaning.
Comment 3 Jeroen Roovers (RETIRED) gentoo-dev 2016-02-21 07:18:17 UTC
Arch teams, please test and mark stable:
Targeted stable KEYWORDS : amd64 hppa ppc sparc x86
Comment 4 Jeroen Roovers (RETIRED) gentoo-dev 2016-02-22 06:01:47 UTC
Stable for HPPA.
Comment 5 Agostino Sarubbo gentoo-dev 2016-03-02 13:59:24 UTC
amd64 stable
Comment 6 Agostino Sarubbo gentoo-dev 2016-03-15 16:40:33 UTC
x86 stable
Comment 7 Agostino Sarubbo gentoo-dev 2016-03-16 12:04:25 UTC
ppc stable
Comment 8 Agostino Sarubbo gentoo-dev 2016-03-19 11:36:55 UTC
sparc stable.

Maintainer(s), please cleanup.
Security, please add it to the existing request, or file a new one.
Comment 9 Aaron Bauman (RETIRED) gentoo-dev 2016-03-19 12:55:32 UTC
GLSA request opened.
Comment 10 Aaron Bauman (RETIRED) gentoo-dev 2016-03-24 06:58:07 UTC
@maintainer, still pending cleanup.  Please let us know when complete or if you are unable to.  Thanks.
Comment 11 GLSAMaker/CVETool Bot gentoo-dev 2016-07-20 12:06:20 UTC
This issue was resolved and addressed in
 GLSA 201607-16 at
by GLSA coordinator Aaron Bauman (b-man).