View previous topic :: View next topic |
Author |
Message |
teika Apprentice
Joined: 19 Feb 2011 Posts: 155 Location: YYYY-MM-DD, period. Have you ever used the Internet?
|
Posted: Fri Aug 16, 2019 8:19 am Post subject: [Security update] Created new ebuild: sys-devel/patch |
|
|
Hi. sys-devel/patch-2.7.6-r3, the latest in the portage tree, is vulnerable, according to Debian's dsa-3389. Unfortunately Gentoo's developers have been busy, and no official update has been released.
I submitted an ebuild at Gentoo bugzilla #690136.
Use at your own risk, but at least it can src_prepare for itself. ;) I recommend you to save the original /usr/bin/patch somewhere.
Best regards. _________________ Hack of easy Shift / Ctrl / AltGr etc; save your pinkies, type without drudgery: topic 865313
XPAT - Xi, Putin, Abe and Trump - are security holes of their own nations. |
|
Back to top |
|
|
fedeliallalinea Administrator
Joined: 08 Mar 2003 Posts: 30906 Location: here
|
Posted: Fri Aug 16, 2019 8:30 am Post subject: |
|
|
We can use also /etc/portage/patches without create a new ebuild _________________ Questions are guaranteed in life; Answers aren't. |
|
Back to top |
|
|
teika Apprentice
Joined: 19 Feb 2011 Posts: 155 Location: YYYY-MM-DD, period. Have you ever used the Internet?
|
Posted: Fri Aug 16, 2019 11:36 pm Post subject: |
|
|
Now the official update is in the portage tree. Thanks Gentoo devs!
@fedeliallalinea
Yep, but ebuilds in the bugzilla are easily searchable. I often search gpo.zugaina.org for updates. Ebuilds in the bugzilla also appears in zugaina, too.
The more noticeable an ebuild is, the more likely it will receive reviews and thus improvements. ;-) |
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|