v6.6.0 was released on 12 Dec 2017:
v6.6.1 was released on 16 Dec 2017 as a security fix release (CVE-2017-17531) which affects all versions prior to this one:
Bumping the ebuild, in this case, is enough.
v6.6.2 was released on 9 Feb 2018:
Considering how long v6.6.x has been out and that this is a security issue, it would be nice to get this version bumped in the tree asap.
@security, as there is no fixed version available in tree; changing summary and setting perceived Whiteboard based off vulnerability description.
@maintainer(s), please create an appropriate ebuild, and call for stabilisation when ready.
(In reply to sam_c (Security Padawan) from comment #3)
> @maintainer(s), please create an appropriate ebuild, and call for
> stabilisation when ready.
sorry, I meant:
@maintainer(s), please advise if you are ready for stabilisation or call for stabilisation yourself.
Been in tree long enough. Will stable unless any objections.
Maintainer(s), please cleanup.
Security, please add it to the existing request, or file a new one.
GLSA vote: no
This issue was resolved and addressed in
GLSA 202008-02 at https://security.gentoo.org/glsa/202008-02
by GLSA coordinator Sam James (sam_c).
Reopening for cleanup.
The bug has been referenced in the following commit(s):
Author: Sam James <email@example.com>
AuthorDate: 2020-09-09 16:01:36 +0000
Commit: Sam James <firstname.lastname@example.org>
CommitDate: 2020-09-09 16:01:36 +0000
dev-util/global: security cleanup
Package-Manager: Portage-3.0.4, Repoman-3.0.1
Signed-off-by: Sam James <email@example.com>
dev-util/global/Manifest | 2 -
dev-util/global/global-6.3.1.ebuild | 81 -------------------------------
dev-util/global/global-6.5.7.ebuild | 96 -------------------------------------
3 files changed, 179 deletions(-)