Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 509672 - net-firewall/fwknop-2.6.2 version bump / pkgmove
Summary: net-firewall/fwknop-2.6.2 version bump / pkgmove
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Sven Vermeulen (RETIRED)
URL: https://github.com/mrash/fwknop/relea...
Whiteboard:
Keywords:
Depends on: 178546
Blocks:
  Show dependency tree
 
Reported: 2014-05-06 09:31 UTC by Coacher
Modified: 2014-06-01 20:02 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Coacher 2014-05-06 09:31:08 UTC 
Hello.

fwknop reached version 2.6.2 recently. This release brings fix for a double free bug when using GPG backend.

Related part of Changelog:

fix double free bug in SPA parser discovered with the new
python SPA payload fuzzer [...]. This bug could be triggered
in fwknopd with a malicious SPA payload, but only when GnuPG is used and
when an attacker is in possession of valid GnuPG keys listed in the
access.conf file. In other words, an arbitrary attacker cannot trigger
this bug.


@proxy-maint, please increment version of the current fwknop-2.6.1 ebuild in tree.
fwknop-2.6.2 should replace fwknop-2.6.1, i.e. please also remove old fwknop-2.6.1 ebuild after it is replaced with the 2.6.2 one. Thanks.

Reproducible: Always
Comment 1 Sven Vermeulen (RETIRED) gentoo-dev 2014-05-28 16:20:12 UTC 
Thanks, bumped.
Comment 2 Coacher 2014-05-31 23:05:54 UTC 
Thanks for bump. But what about pkgmove?
Comment 3 Sven Vermeulen (RETIRED) gentoo-dev 2014-06-01 12:25:16 UTC 
What pkgmove?
Comment 4 Coacher 2014-06-01 13:23:57 UTC 
(In reply to Sven Vermeulen from comment #3)
> What pkgmove?

Change category from net-firewall/ to net-misc/. See also https://bugs.gentoo.org/show_bug.cgi?id=178546#c26
Comment 5 Coacher 2014-06-01 20:02:46 UTC 
pkgmove considered unneeded after discussion with @proxy-main team. Closing.