Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 717936 (CVE-2020-14150) - <sys-devel/bison-3.5.4: Multiple vulnerabilities (CVE-2020-14150)
Summary: <sys-devel/bison-3.5.4: Multiple vulnerabilities (CVE-2020-14150)
Status: IN_PROGRESS
Alias: CVE-2020-14150
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: https://lists.gnu.org/archive/html/in...
Whiteboard: A3 [stable cve]
Keywords: CC-ARCHES, STABLEREQ
Depends on: 709732
Blocks: 730488
  Show dependency tree
 
Reported: 2020-04-17 18:19 UTC by Sam James
Modified: 2020-08-01 15:20 UTC (History)
9 users (show)

See Also:
Package list:
sys-devel/bison-3.6.4
Runtime testing required: ---
nattka: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Sam James gentoo-dev Security 2020-04-17 18:19:26 UTC
Quoting from 3.5.4 release notes:
"Several unlikely crashes found by fuzzing have been fixed."
Comment 1 Sam James gentoo-dev Security 2020-04-17 18:20:41 UTC
@maintainer(s), please advise if ready for stabilisation, or call yourself.

Given that these crashes are unlikely, if you are not yet comfortable with stabilisation, there is no problem.
Comment 2 Sam James gentoo-dev Security 2020-06-04 17:00:35 UTC
ping
Comment 3 Andreas Sturmlechner gentoo-dev 2020-06-28 17:50:25 UTC
Why not go straight for 3.6.4?
Comment 4 Joakim Tjernlund 2020-06-29 20:50:43 UTC
(In reply to Andreas Sturmlechner from comment #3)
> Why not go straight for 3.6.4?

Yes, that would be great.
Comment 5 Rolf Eike Beer 2020-07-29 17:34:59 UTC
hppa stable
Comment 6 Sergei Trofimovich gentoo-dev 2020-08-01 15:20:12 UTC
sparc stable