From upstream changelog: "Fix a potential out of bounds write when checking a maliciously corrupted file system. This is probably not exploitable on 64-bit platforms, but may be exploitable on 32-bit binaries depending on how the compiler lays out the stack variables. (Addresses CVE-2019-5188)" Likely low severity, but FWIW I wouldn't necessarily trust the "probably not exploitable". We already have 1.45.5 in the tree, just needs to be stabilized.
amd64 stable
x86 stable
sparc stable
s390 stable
ppc64 stable
arm stable
ia64 stable
ppc stable
hppa stable
arm64 stable
SuperH port disbanded.
[updating whiteboard.] @m68k: ping.
m68k dropped stable keywords
@maintainer(s), please cleanup
GLSA Vote: No Maintainer(s), please drop the vulnerable version(s).
@maintainer(s), ping, please cleanup
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=13c222380d8698c307298598498b97fffe91ab25 commit 13c222380d8698c307298598498b97fffe91ab25 Author: Lars Wendler <polynomial-c@gentoo.org> AuthorDate: 2020-06-18 06:32:51 +0000 Commit: Lars Wendler <polynomial-c@gentoo.org> CommitDate: 2020-06-18 06:33:00 +0000 sys-libs/e2fsprogs-libs: Security cleanup Bug: https://bugs.gentoo.org/709374 Package-Manager: Portage-2.3.101, Repoman-2.3.22 Signed-off-by: Lars Wendler <polynomial-c@gentoo.org> sys-libs/e2fsprogs-libs/Manifest | 1 - .../e2fsprogs-libs/e2fsprogs-libs-1.45.4.ebuild | 94 ---------------------- 2 files changed, 95 deletions(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7a100d2e782b8f0f5dcbefeb4822cd5b22e08d5b commit 7a100d2e782b8f0f5dcbefeb4822cd5b22e08d5b Author: Lars Wendler <polynomial-c@gentoo.org> AuthorDate: 2020-06-18 06:31:46 +0000 Commit: Lars Wendler <polynomial-c@gentoo.org> CommitDate: 2020-06-18 06:32:59 +0000 sys-fs/e2fsprogs: Security cleanup Bug: https://bugs.gentoo.org/709374 Package-Manager: Portage-2.3.101, Repoman-2.3.22 Signed-off-by: Lars Wendler <polynomial-c@gentoo.org> sys-fs/e2fsprogs/Manifest | 1 - sys-fs/e2fsprogs/e2fsprogs-1.45.4.ebuild | 143 ------------------------------- 2 files changed, 144 deletions(-)