Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 45159 - app-admin/sysstat-5.0.2 version bump [ due to security issues ]
Summary: app-admin/sysstat-5.0.2 version bump [ due to security issues ]
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: New packages (show other bugs)
Hardware: All All
: High enhancement (vote)
Assignee: Gentoo Security
Depends on:
Reported: 2004-03-19 13:12 UTC by Daniel Webert
Modified: 2004-04-07 04:55 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Daniel Webert 2004-03-19 13:12:50 UTC
app-admin/sysstat-5.0.2 version bump
Comment 1 Tim Yamin (RETIRED) gentoo-dev 2004-03-23 14:52:42 UTC
Sparc, PPC, and AMD64 teams: Can you please mark this stable on your architectures since there seems to be a security bug related with this: - Thanks!
Comment 2 Jason Wever (RETIRED) gentoo-dev 2004-03-23 17:46:26 UTC
Stable on sparc.
Comment 3 Daniel Webert 2004-03-25 18:05:59 UTC
in portage
Comment 4 Tim Yamin (RETIRED) gentoo-dev 2004-03-26 08:21:49 UTC
PPC people still need to unmask this.
Comment 5 Tim Yamin (RETIRED) gentoo-dev 2004-04-02 12:53:08 UTC
This needs a nudge since this is a security issue and the PPC people haven't yet marked this as stable. Thanks...
Comment 6 Lars Weiler (RETIRED) gentoo-dev 2004-04-02 16:32:49 UTC
finally bumped stable on ppc.
Comment 7 Tim Yamin (RETIRED) gentoo-dev 2004-04-03 03:42:26 UTC
Thanks Pylon. Should we issue a GLSA for this or not - this seems to be a issue with an insecure /tmp symlink vulnerability?
Comment 8 Thierry Carrez (RETIRED) gentoo-dev 2004-04-06 07:49:14 UTC
It allows overwriting files with the id of the user running the isag command (theorically, not root). I am not sure a GLSA is needed, but there was a RHSA and a DSA on the subject :

If we do a GLSA, we should do it quickly :)
Comment 9 Kurt Lieber (RETIRED) gentoo-dev 2004-04-07 04:55:54 UTC
GLSA 200404-04