Alias: CVE-2021-3673 (https://bugzilla.redhat.com/show_bug.cgi?id=1989130): A vulnerability was found in Radare2 in version 5.3.1. Improper input validation when reading a crafted LE binary can lead to resource exhaustion and DoS.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=412eaec7e9d11870fb4b831213d93f422b6b613c commit 412eaec7e9d11870fb4b831213d93f422b6b613c Author: John Helmert III <ajak@gentoo.org> AuthorDate: 2021-10-05 20:35:25 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2021-10-05 20:40:06 +0000 dev-util/rizin: add 0.3.0 Note that tests are restricted due to uncertainty about the licenses of the test binaries. Bug: https://bugs.gentoo.org/792357 Bug: https://bugs.gentoo.org/807067 Signed-off-by: John Helmert III <ajak@gentoo.org> dev-util/rizin/Manifest | 1 + dev-util/rizin/files/rizin-0.3.0-md4-openssl.patch | 100 ++++++++++++++++ .../rizin/files/rizin-0.3.0-typedb-prefix.patch | 132 +++++++++++++++++++++ dev-util/rizin/rizin-0.3.0.ebuild | 103 ++++++++++++++++ 4 files changed, 336 insertions(+)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=64ff47121444571971ac7092180f61cd07bbf58f commit 64ff47121444571971ac7092180f61cd07bbf58f Author: John Helmert III <ajak@gentoo.org> AuthorDate: 2021-10-17 14:09:23 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2021-10-17 16:08:09 +0000 dev-util/rizin: drop 0.2.1 Bug: https://bugs.gentoo.org/807067 Bug: https://bugs.gentoo.org/792357 Signed-off-by: John Helmert III <ajak@gentoo.org> dev-util/rizin/Manifest | 2 - dev-util/rizin/files/rizin-0.2.1-no-rzpipe.patch | 14 ---- dev-util/rizin/rizin-0.2.1.ebuild | 81 ------------------------ 3 files changed, 97 deletions(-)
All done!
