Re: pkg/50082 (suse131 packages are outdated)

To: pkg-manager%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,pkgsrc-bugs%netbsd.org@localhost,okuyama%flex.phys.tohoku.ac.jp@localhost
Subject: Re: pkg/50082 (suse131 packages are outdated)
From: Thomas Klausner <wiz%NetBSD.org@localhost>
Date: Mon, 17 Aug 2015 16:20:00 +0000 (UTC)

The following reply was made to PR pkg/50082; it has been noted by GNATS.

From: Thomas Klausner <wiz%NetBSD.org@localhost>
To: NetBSD bugtracking <gnats-bugs%NetBSD.org@localhost>
Cc: 
Subject: Re: pkg/50082 (suse131 packages are outdated)
Date: Mon, 17 Aug 2015 18:16:30 +0200

 On Sun, Aug 16, 2015 at 01:45:01PM +0000, Rin Okuyama wrote:
 >  At last, CVE-2014-4043 for glibc-2.18 has been resolved:
 >    https://www.suse.com/security/cve/CVE-2014-4043.html
 >  suse131_base, suse131_locale, and pkg-vulnerabilities file
 >  have been updated accordingly.
 >  
 >  Also, a denial-of-service vulnerability was found for OpenLDAP:
 >    https://www.suse.com/security/cve/CVE-2015-1546.html
 >  I've updated suse131_openldap package, and added an entry in
 >  pkg-vulnerabilities file.
 >  
 >  Note that duplicated entries in pkg-vulnerabilities file for
 >  invalid-file-descriptor-reuse
 >    http://www.openwall.com/lists/oss-security/2015/01/28/20
 >  and buffer-overrun
 >    http://www.openwall.com/lists/oss-security/2015/02/04/1
 >  forbid suse_base>=10.0 to be installed, although suse_base>=13.1nb9
 >  are unaffected. Please apply the attached patch to fix this problem.
 
 Thank you, committed!
  Thomas

Prev by Date: PR/50082 CVS commit: pkgsrc/emulators
Next by Date: pkg/50151: Hylafax doesn't build.
Previous by Thread: Re: pkg/50082 (suse131 packages are outdated)
Next by Thread: Re: pkg/50082 (suse131 packages are outdated)
Indexes:

Home | Main Index | Thread Index | Old Index