CVE-2018-14618 (https://nvd.nist.gov/vuln/detail/CVE-2018-14618): ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. @maintainer please call for stabilization when ready. Thank you
curl-7.61.1.ebuild is in the tree and should be rapid stabilized. KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ppc ppc64 s390 sh sparc x86"
I guess the package list would be =net-misc/curl-7.61.1 then?
amd64 stable
sparc done.
arm64 stable
hppa stable
ia64 stable
ppc stable
ppc64 stable
x86 stable
Done
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6681b26b2091f8ea5414a03bf79d1459cc197c96 commit 6681b26b2091f8ea5414a03bf79d1459cc197c96 Author: Mikle Kolyada <zlogene@gentoo.org> AuthorDate: 2018-09-21 16:41:27 +0000 Commit: Mikle Kolyada <zlogene@gentoo.org> CommitDate: 2018-09-21 16:41:27 +0000 net-misc/curl: Security cleanup Bug: https://bugs.gentoo.org/665292 Bug: https://bugs.gentoo.org/660894 Package-Manager: Portage-2.3.49, Repoman-2.3.10 net-misc/curl/Manifest | 2 - net-misc/curl/curl-7.60.0-r1.ebuild | 247 ------------------------------------ net-misc/curl/curl-7.60.0.ebuild | 247 ------------------------------------ net-misc/curl/curl-7.61.0.ebuild | 247 ------------------------------------ 4 files changed, 743 deletions(-)
This issue was resolved and addressed in GLSA 201903-03 at https://security.gentoo.org/glsa/201903-03 by GLSA coordinator Aaron Bauman (b-man).