Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 611290 - <=x11-terms/evilvte-0.5.1: Allows executing (unexpected) commands via mouse-clicks
Summary: <=x11-terms/evilvte-0.5.1: Allows executing (unexpected) commands via mouse-c...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: https://github.com/caleb-/evilvte/iss...
Whiteboard: C2 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2017-03-01 07:31 UTC by Harri Nieminen (Moiman)
Modified: 2017-08-21 01:20 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Harri Nieminen (Moiman) 2017-03-01 07:31:05 UTC
See debian bug report for more information:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854585

Upstream bug report:
https://github.com/caleb-/evilvte/issues/38

I would Suggest sending last rites to this package. No upstream activity since 31 Mar 2014.
Also has two open bugs for it 601350 and 587040 .

Reproducible: Always
Comment 1 Jeroen Roovers (RETIRED) gentoo-dev 2017-03-01 08:25:51 UTC
MATCH_STRING_HTTP is disabled by default and can only be enabled through USE=savedconfig and relevant edits to src/config.h.
Comment 2 Thomas Deutschmann gentoo-dev 2017-03-01 22:55:49 UTC
@ Maintainer(s): CC'ing tree cleaners because nothing depend on the package and to follow Debian. If you want to keep this package in repository please tell us how you want to handle the reported problem.
Comment 3 Michał Górny archtester Gentoo Infrastructure gentoo-dev Security 2017-08-14 08:04:00 UTC
commit f9817ef6dd0b8152546951ebceb237b0fdeaad78
Author:     Michał Górny <mgorny@gentoo.org>
AuthorDate: Mon Aug 14 10:00:03 2017
Commit:     Michał Górny <mgorny@gentoo.org>
CommitDate: Mon Aug 14 10:02:55 2017

    x11-terms/evilvte: Remove last-rited pkg, #601350

 profiles/package.mask                       |  6 ---
 x11-terms/evilvte/Manifest                  |  2 -
 x11-terms/evilvte/evilvte-0.5.1.ebuild      | 43 ---------------------
 x11-terms/evilvte/evilvte-0.5.2_pre1.ebuild | 58 -----------------------------
 x11-terms/evilvte/metadata.xml              |  8 ----
 5 files changed, 117 deletions(-)
Comment 4 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2017-08-14 23:35:21 UTC
Removal GLSA request open.
Comment 5 GLSAMaker/CVETool Bot gentoo-dev 2017-08-21 01:20:22 UTC
This issue was resolved and addressed in
 GLSA 201708-07 at https://security.gentoo.org/glsa/201708-07
by GLSA coordinator Thomas Deutschmann (whissi).