From ${URL} : A buffer overflow was reported [1] in mpfr. This is due to incorrect GMP documentation for mpn_set_str about the size of a buffer (discussion is at [1]; first fix in the GMP documentation is at [2]). This bug is present in the MPFR versions from 2.1.0 (adding mpfr_strtofr) to this one, and can be detected by running "make check" in a 32-bit ABI under GNU/Linux with alloca disabled (this is currently possible by using the --with-gmp-build configure option where alloca has been disabled in the GMP build). It is fixed by the strtofr patch [3]. Corresponding changeset in the 3.1 branch: 9110 [4]. [1]: https://gmplib.org/list-archives/gmp-bugs/2013-December/003267.html [2]: https://gmplib.org/repo/gmp-5.1/raw-rev/d19172622a74 [3]: http://www.mpfr.org/mpfr-3.1.2/patch11 [4]: https://gforge.inria.fr/scm/viewvc.php?view=rev&root=mpfr&revision=9110 @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
should be fixed by 3.1.3 in the tree and is fine to stabilize
arch teams: please stabilize mpfr-3.1.3_p4
Stable for HPPA PPC64.
stable for ppc
amd64 stable
x86 stable
arm stable
Stable on alpha.
i've done the rest now
Arches, Thank you for your work. New GLSA Request filed. Maintainer(s), please drop the vulnerable version(s).
This issue was resolved and addressed in GLSA 201512-06 at https://security.gentoo.org/glsa/201512-06 by GLSA coordinator Yury German (BlueKnight).
Re-Opening for cleanup. Maintainers, the GLSA has been released please clean up the Vulnerable versions.
Maintainer(s), please drop the vulnerable version(s).
