CVE-2021-3405: A flaw was found in libebml before 1.4.2. A heap overflow bug exists in the implementation of EbmlString::ReadData and EbmlUnicodeString::ReadData in libebml. Please bump.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5a51938aa0fc53ed5804e6749ecd3db3db489d17 commit 5a51938aa0fc53ed5804e6749ecd3db3db489d17 Author: Sam James <sam@gentoo.org> AuthorDate: 2021-02-24 15:02:47 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2021-02-24 16:21:43 +0000 dev-libs/libebml: bump to 1.4.2 Bug: https://bugs.gentoo.org/772272 Package-Manager: Portage-3.0.14, Repoman-3.0.2 Signed-off-by: Sam James <sam@gentoo.org> dev-libs/libebml/Manifest | 1 + dev-libs/libebml/libebml-1.4.2.ebuild | 22 ++++++++++++++++++++++ 2 files changed, 23 insertions(+)
ppc done
ppc64 done
arm done
arm64 done
x86 done
sparc stable
amd64 done all arches done
Please cleanup.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ee5c6ba9a4dcb4662c5a7dfe9092ff3378547e54 commit ee5c6ba9a4dcb4662c5a7dfe9092ff3378547e54 Author: Andreas Sturmlechner <asturm@gentoo.org> AuthorDate: 2021-02-25 12:57:20 +0000 Commit: Andreas Sturmlechner <asturm@gentoo.org> CommitDate: 2021-02-25 12:57:20 +0000 dev-libs/libebml: Security cleanup Bug: https://bugs.gentoo.org/772272 Package-Manager: Portage-3.0.15, Repoman-3.0.2 Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org> dev-libs/libebml/Manifest | 4 ---- dev-libs/libebml/libebml-1.3.10.ebuild | 20 -------------------- dev-libs/libebml/libebml-1.3.9.ebuild | 20 -------------------- dev-libs/libebml/libebml-1.4.0.ebuild | 20 -------------------- dev-libs/libebml/libebml-1.4.1.ebuild | 22 ---------------------- 5 files changed, 86 deletions(-)
Thank you!
Package list is empty or all packages have requested keywords.
Request filed
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=2111a6fd84a6c57c50d069870a152079eaa01505 commit 2111a6fd84a6c57c50d069870a152079eaa01505 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2022-08-14 00:09:54 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2022-08-14 00:11:45 +0000 [ GLSA 202208-21 ] libebml: Heap buffer overflow vulnerability Bug: https://bugs.gentoo.org/772272 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: John Helmert III <ajak@gentoo.org> glsa-202208-21.xml | 42 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+)