v6.6.0 was released on 12 Dec 2017: http://lists.gnu.org/archive/html/info-global/2017-12/msg00000.html v6.6.1 was released on 16 Dec 2017 as a security fix release (CVE-2017-17531) which affects all versions prior to this one: http://lists.gnu.org/archive/html/info-global/2017-12/msg00001.html Bumping the ebuild, in this case, is enough.
v6.6.2 was released on 9 Feb 2018: http://lists.gnu.org/archive/html/info-global/2018-02/msg00000.html Considering how long v6.6.x has been out and that this is a security issue, it would be nice to get this version bumped in the tree asap.
@security, as there is no fixed version available in tree; changing summary and setting perceived Whiteboard based off vulnerability description. Gentoo Security Jmbailey/mbailey_j
@maintainer(s), please create an appropriate ebuild, and call for stabilisation when ready.
(In reply to sam_c (Security Padawan) from comment #3) > @maintainer(s), please create an appropriate ebuild, and call for > stabilisation when ready. sorry, I meant: @maintainer(s), please advise if you are ready for stabilisation or call for stabilisation yourself.
Been in tree long enough. Will stable unless any objections.
ppc stable
amd64 stable
x86 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one.
GLSA vote: no
This issue was resolved and addressed in GLSA 202008-02 at https://security.gentoo.org/glsa/202008-02 by GLSA coordinator Sam James (sam_c).
Reopening for cleanup.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=76c1cf9aa7fd7da4311612199fd09ed9caff0290 commit 76c1cf9aa7fd7da4311612199fd09ed9caff0290 Author: Sam James <sam@gentoo.org> AuthorDate: 2020-09-09 16:01:36 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2020-09-09 16:01:36 +0000 dev-util/global: security cleanup Bug: https://bugs.gentoo.org/646348 Package-Manager: Portage-3.0.4, Repoman-3.0.1 Signed-off-by: Sam James <sam@gentoo.org> dev-util/global/Manifest | 2 - dev-util/global/global-6.3.1.ebuild | 81 ------------------------------- dev-util/global/global-6.5.7.ebuild | 96 ------------------------------------- 3 files changed, 179 deletions(-)
