CVE-2008-1926 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1926): Argument injection vulnerability in login (login-utils/login.c) in util-linux-ng 2.14 and earlier makes it easier for remote attackers to hide activities by modifying portions of log events, as demonstrated by appending an "addr=" statement to the login name, aka "audit log injection."
i already added util-linux-2.13.1.1 which contains the fix for this
Arches, please test and mark stable: =sys-apps/util-linux-2.13.1.1 Target keywords : "alpha amd64 arm hppa ia64 m68k ppc ppc64 release s390 sh sparc x86"
Sparc stable, no problems seen.
Stable for HPPA.
alpha/ia64/x86 stable
ppc64 stable
amd64 stable
ppc stable
Fixed in release snapshot.
GLSA vote, I tend to vote no.
I vote YES
Voting NO.
mmh ok, changing my vote and closing without GLSA.