Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 620104 - net-misc/smb4k-2.0.1 version bump
Summary: net-misc/smb4k-2.0.1 version bump
Status: RESOLVED OBSOLETE
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo KDE team
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-05-29 11:35 UTC by Per Pomsel
Modified: 2017-05-29 20:55 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Per Pomsel 2017-05-29 11:35:50 UTC 
Version 2.0.1 of Smb4K is out.
Comment 1 Andreas Sturmlechner gentoo-dev 2017-05-29 12:10:36 UTC 
Not really necessary, 2.0.0-r1 already contains the security fix as the single change.
Comment 2 Andreas Sturmlechner gentoo-dev 2017-05-29 20:55:46 UTC 
Single commit between 2.0.1 and 2.0.0: https://cgit.kde.org/smb4k.git/log/?h=2.0.1

commit 383caa8657288b58c9851b69051fae01f73816c5

    Find the mount/umount commands in the helper
    instead of trusting what we get passed in
    CVE-2017-8849

See also in Gentoo:

commit d39d7aa14725bc031c1e1b588b7dafa9198111bd

    net-misc/smb4k: Security revbump
    
    Fixes CVE-2017-8849
    Gentoo-bug: 618106

 net-misc/smb4k/files/smb4k-1.2.3-CVE-2017-8849.patch | 365 
 net-misc/smb4k/files/smb4k-2.0.0-CVE-2017-8849.patch | 361 
 net-misc/smb4k/smb4k-1.2.3-r1.ebuild                 |  29 
 net-misc/smb4k/smb4k-2.0.0-r1.ebuild                 |  50