Versions of uudeview below 0.5.20 are vulnerable to buffer overflows. Reproducible: Didn't try Steps to Reproduce: 1. 2. 3. No ebuild currently exists for uudeview-0.5.20. Upgrading to 0.5.20 solves this problem.
Created attachment 27891 [details] uudeview-0.5.20.ebuild Version bump for uudeview. I removed the patch that was in uudeview 0.5.18 because it doesn't seem to be applicable anymore.
Can someone please test the new ebuild and let me know if anything needs fixing? (And if it's OK, could a dev please commit it?) Thanks in advance.
so, WHO wants this from the CC list?
committed to portage directly as "x86 ~sparc" and removed the older versions
Stable on sparc.
Closing bug; GLSA Released: http://article.gmane.org/gmane.linux.gentoo.announce/295