Hello. fwknop reached version 2.6.2 recently. This release brings fix for a double free bug when using GPG backend. Related part of Changelog: fix double free bug in SPA parser discovered with the new python SPA payload fuzzer [...]. This bug could be triggered in fwknopd with a malicious SPA payload, but only when GnuPG is used and when an attacker is in possession of valid GnuPG keys listed in the access.conf file. In other words, an arbitrary attacker cannot trigger this bug. @proxy-maint, please increment version of the current fwknop-2.6.1 ebuild in tree. fwknop-2.6.2 should replace fwknop-2.6.1, i.e. please also remove old fwknop-2.6.1 ebuild after it is replaced with the 2.6.2 one. Thanks. Reproducible: Always
Thanks, bumped.
Thanks for bump. But what about pkgmove?
What pkgmove?
(In reply to Sven Vermeulen from comment #3) > What pkgmove? Change category from net-firewall/ to net-misc/. See also https://bugs.gentoo.org/show_bug.cgi?id=178546#c26
pkgmove considered unneeded after discussion with @proxy-main team. Closing.