Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 607676 - <dev-java/icedtea{,-bin}-3.3.0: Multiple vulnerabilties (CVE-2016-{2183,5546,5547,5548,5549,5552}, CVE-2017-{3231,3241,3252,3253,3260,3261,3272,3289})
Summary: <dev-java/icedtea{,-bin}-3.3.0: Multiple vulnerabilties (CVE-2016-{2183,5546,...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal major (vote)
Assignee: Gentoo Security
URL: http://blog.fuseyism.com/index.php/20...
Whiteboard: A2 [glsa cve]
Keywords:
Depends on:
Blocks: 605430
  Show dependency tree
 
Reported: 2017-01-29 23:09 UTC by James Le Cuirot
Modified: 2017-07-05 09:11 UTC (History)
1 user (show)

See Also:
Package list:
=dev-java/icedtea-bin-3.3.0 amd64 ppc64 x86
Runtime testing required: ---
stable-bot: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description James Le Cuirot gentoo-dev 2017-01-29 23:09:48 UTC
Bump coming imminently. Unfortunately the ppc64 dev box (timberdoodle) has died so I am unable to build for that arch right now. I may attempt to set up the replacement this week. Otherwise I'm not sure what we can do without breaking the tree. Let's at least get the other arches stable to deal with bug #605430.
Comment 1 James Le Cuirot gentoo-dev 2017-01-29 23:18:44 UTC
Bumps done. icedtea-3.2.0 has been removed. amd64 and x86 teams, please stabilize icedtea-bin.
Comment 2 Agostino Sarubbo gentoo-dev 2017-01-30 13:10:41 UTC
amd64 stable
Comment 3 Agostino Sarubbo gentoo-dev 2017-01-31 11:45:43 UTC
x86 stable.

Maintainer(s), please cleanup.
Security, please add it to the existing request, or file a new one.
Comment 4 James Le Cuirot gentoo-dev 2017-01-31 11:50:20 UTC
(In reply to Agostino Sarubbo from comment #3)
> Maintainer(s), please cleanup.
> Security, please add it to the existing request, or file a new one.

Can't clean up until ppc64 is sorted out. We're working on it.
Comment 5 Thomas Deutschmann gentoo-dev Security 2017-01-31 16:37:27 UTC
New GLSA request filed.
Comment 6 James Le Cuirot gentoo-dev 2017-02-20 22:53:07 UTC
This has now been keyworded for ppc64 so please stabilize that.
Comment 7 Michael Weber (RETIRED) gentoo-dev 2017-02-24 00:24:54 UTC
ppc64 stable, last arch.
Comment 8 Yury German Gentoo Infrastructure gentoo-dev Security 2017-02-24 00:48:38 UTC
Arches and Maintainer(s). Thank you for your work.
Maintainer(s), please drop the vulnerable version(s).
Comment 9 James Le Cuirot gentoo-dev 2017-02-24 10:31:47 UTC
Old removed.
Comment 10 GLSAMaker/CVETool Bot gentoo-dev 2017-07-05 09:11:52 UTC
This issue was resolved and addressed in
 GLSA 201707-01 at https://security.gentoo.org/glsa/201707-01
by GLSA coordinator Thomas Deutschmann (whissi).