| View previous topic :: View next topic |
| Author |
Message |
teika
Apprentice
Joined: 19 Feb 2011
Posts: 155
Location: YYYY-MM-DD, period. Have you ever used the Internet?
|
 Posted: Fri Aug 16, 2019 8:19 am Post subject: [Security update] Created new ebuild: sys-devel/patch |
 |
|
Hi. sys-devel/patch-2.7.6-r3, the latest in the portage tree, is vulnerable, according to Debian's dsa-3389. Unfortunately Gentoo's developers have been busy, and no official update has been released.
I submitted an ebuild at Gentoo bugzilla #690136.
Use at your own risk, but at least it can src_prepare for itself. ;) I recommend you to save the original /usr/bin/patch somewhere.
Best regards.
_________________
Hack of easy Shift / Ctrl / AltGr etc; save your pinkies, type without drudgery: topic 865313
XPAT - Xi, Putin, Abe and Trump - are security holes of their own nations. |
|
| Back to top |
|
 |
fedeliallalinea
Administrator
Joined: 08 Mar 2003
Posts: 30906
Location: here
|
| Posted: Fri Aug 16, 2019 8:30 am Post subject: |
|
|
We can use also /etc/portage/patches without create a new ebuild
_________________
Questions are guaranteed in life; Answers aren't. |
|
| Back to top |
|
|
teika
Apprentice
Joined: 19 Feb 2011
Posts: 155
Location: YYYY-MM-DD, period. Have you ever used the Internet?
|
| Posted: Fri Aug 16, 2019 11:36 pm Post subject: |
|
|
Now the official update is in the portage tree. Thanks Gentoo devs!
@fedeliallalinea
Yep, but ebuilds in the bugzilla are easily searchable. I often search gpo.zugaina.org for updates. Ebuilds in the bugzilla also appears in zugaina, too.
The more noticeable an ebuild is, the more likely it will receive reviews and thus improvements. ;-) |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Networking & Security
