CVE-2021-27351: The Terminate Session feature in the Telegram application through 7.2.1 for Android, and through 2.4.7 for Windows and UNIX, fails to invalidate a recently active session. Evidently there's not much information on this, but in any case we should probably go ahead and stabilize 2.4.11 anyway. Please continue when ready.
Sanity check failed: > net-im/telegram-desktop-2.4.11 > depend amd64 dev profile default/linux/amd64/17.0/x32 (1 total) > ~media-libs/tg_owt-0_pre20201112[pulseaudio] > depend amd64 stable profile default/linux/amd64/17.1 (15 total) > ~media-libs/tg_owt-0_pre20201112[pulseaudio] > rdepend amd64 dev profile default/linux/amd64/17.0/x32 (1 total) > ~media-libs/tg_owt-0_pre20201112[pulseaudio] > rdepend amd64 stable profile default/linux/amd64/17.1 (15 total) > ~media-libs/tg_owt-0_pre20201112[pulseaudio]
Unable to check for sanity: > no match for package: media-libs/tg_owt-0_pre2021112
All sanity-check issues have been resolved
amd64 done all arches done
Please cleanup.
Resetting sanity check; package list is empty or all packages are done.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=599beaa6d3b62e8849fde028fea9b37f1a183deb commit 599beaa6d3b62e8849fde028fea9b37f1a183deb Author: Esteve Varela Colominas <esteve.varela@gmail.com> AuthorDate: 2021-04-22 16:22:00 +0000 Commit: Georgy Yakovlev <gyakovlev@gentoo.org> CommitDate: 2021-04-23 19:05:38 +0000 net-im/telegram-desktop: drop old Bug: https://bugs.gentoo.org/771684 Signed-off-by: Esteve Varela Colominas <esteve.varela@gmail.com> Signed-off-by: Georgy Yakovlev <gyakovlev@gentoo.org> net-im/telegram-desktop/Manifest | 2 - .../telegram-desktop/files/no-webrtc-build.patch | 96 ------------ net-im/telegram-desktop/metadata.xml | 2 - .../telegram-desktop-2.4.11.ebuild | 174 --------------------- .../telegram-desktop-2.4.7-r1.ebuild | 173 -------------------- 5 files changed, 447 deletions(-)
Thanks!
New GLSA request filed.
This issue was resolved and addressed in GLSA 202105-07 at https://security.gentoo.org/glsa/202105-07 by GLSA coordinator Thomas Deutschmann (whissi).