Quoting from ChangeLog: "l. Fixed out-of-bounds and free memory read errors found via fuzzing."
@maintainer(s), please advise if ready for stabilisation, or call yourself
@maintainer(s), please cleanup
This issue was resolved and addressed in GLSA 202006-10 at https://security.gentoo.org/glsa/202006-10 by GLSA coordinator Aaron Bauman (b-man).
re-opened for cleanup/masking
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2280012d7e09b97fb7441ea8c2b353f30a6ed356 commit 2280012d7e09b97fb7441ea8c2b353f30a6ed356 Author: John Helmert III <jchelmert3@posteo.net> AuthorDate: 2020-07-29 20:30:35 +0000 Commit: Lars Wendler <polynomial-c@gentoo.org> CommitDate: 2020-07-30 08:04:52 +0000 sys-libs/readline: Security cleanup (drop <8) Bug: https://bugs.gentoo.org/717924 Package-Manager: Portage-3.0.1, Repoman-2.3.23 Signed-off-by: John Helmert III <jchelmert3@posteo.net> Closes: https://github.com/gentoo/gentoo/pull/16893 Signed-off-by: Lars Wendler <polynomial-c@gentoo.org> sys-libs/readline/Manifest | 15 -- .../readline-6.3-fix-long-prompt-vi-search.patch | 26 --- .../readline/files/readline-6.3-read-eof.patch | 54 ------- sys-libs/readline/files/readline-7.0-mingw.patch | 152 ------------------ .../files/readline-7.0-missing-echo-proto.patch | 14 -- sys-libs/readline/readline-6.3_p8-r3.ebuild | 163 ------------------- sys-libs/readline/readline-7.0_p5-r1.ebuild | 174 --------------------- 7 files changed, 598 deletions(-)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2ad8bd5161e9eafeb37f46c9a9e321903a1797e0 commit 2ad8bd5161e9eafeb37f46c9a9e321903a1797e0 Author: Lars Wendler <polynomial-c@gentoo.org> AuthorDate: 2020-07-30 08:51:59 +0000 Commit: Lars Wendler <polynomial-c@gentoo.org> CommitDate: 2020-07-30 08:52:33 +0000 Revert "sys-libs/readline: Security cleanup (drop <8)" This reverts commit 2280012d7e09b97fb7441ea8c2b353f30a6ed356. because it breaks app-admin/puppet-agent and dev-lisp/clisp Bug: https://bugs.gentoo.org/717924 Signed-off-by: Lars Wendler <polynomial-c@gentoo.org> sys-libs/readline/Manifest | 15 ++ .../readline-6.3-fix-long-prompt-vi-search.patch | 26 +++ .../readline/files/readline-6.3-read-eof.patch | 54 +++++++ sys-libs/readline/files/readline-7.0-mingw.patch | 152 ++++++++++++++++++ .../files/readline-7.0-missing-echo-proto.patch | 14 ++ sys-libs/readline/readline-6.3_p8-r3.ebuild | 163 +++++++++++++++++++ sys-libs/readline/readline-7.0_p5-r1.ebuild | 174 +++++++++++++++++++++ 7 files changed, 598 insertions(+)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=20a6be318ebc738b8ca0fb36e01499035277f39d commit 20a6be318ebc738b8ca0fb36e01499035277f39d Author: John Helmert III <jchelmert3@posteo.net> AuthorDate: 2020-07-30 19:08:10 +0000 Commit: Lars Wendler <polynomial-c@gentoo.org> CommitDate: 2020-12-21 01:55:33 +0000 sys-libs/readline: Security cleanup (drop <8) Bug: https://bugs.gentoo.org/717924 Package-Manager: Portage-3.0.1, Repoman-2.3.23 Signed-off-by: John Helmert III <jchelmert3@posteo.net> Closes: https://github.com/gentoo/gentoo/pull/16911 Signed-off-by: Lars Wendler <polynomial-c@gentoo.org> sys-libs/readline/Manifest | 15 -- .../readline-6.3-fix-long-prompt-vi-search.patch | 26 --- .../readline/files/readline-6.3-read-eof.patch | 54 ------- sys-libs/readline/files/readline-7.0-mingw.patch | 152 ------------------ .../files/readline-7.0-missing-echo-proto.patch | 14 -- sys-libs/readline/readline-6.3_p8-r3.ebuild | 163 ------------------- sys-libs/readline/readline-7.0_p5-r1.ebuild | 174 --------------------- 7 files changed, 598 deletions(-)
Cleanup done finally \o/