CVE-2014-0177 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0177): The am function in lib/hub/commands.rb in hub before 1.12.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary patch file. @maintainer(s): since the package or the affected version has never been marked as stable, we don't need to stabilize it. After the bump, please remove the affected versions from the tree.
+*hub-1.12.1 (29 May 2014) + + 29 May 2014; Christoph Junghans <ottxor@gentoo.org> +hub-1.12.1.ebuild, + -hub-1.11.0.ebuild, -hub-1.11.1.ebuild, -hub-1.12.0.ebuild, metadata.xml: + version bump, CVE-2014-0177 (bug #511788) +
CVE-2014-0177 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0177): The am function in lib/hub/commands.rb in hub before 1.12.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary patch file.
Thank you! No affected versions stable. Closed as [noglsa]