Gentoo Archives: gentoo-security

From: Carsten Lohrke <carlo@g.o>
To: gentoo-security@l.g.o
Subject: [gentoo-security] security process hole?
Date: Mon, 02 Aug 2004 10:49:26
Message-Id: 200408021248.55124.carlo@gentoo.org
1 -----BEGIN PGP SIGNED MESSAGE-----
2 Hash: SHA1
3
4 Multiple buffer overflows in <dev-db/firebird-1.5, no fix available, caused
5
6 http://bugs.gentoo.org/show_bug.cgi?id=20837
7 and
8 http://www.gentoo.org/security/en/glsa/glsa-200405-18.xml
9
10 but the affected ebuilds never got package masked (until yesterday) and Meir
11 retired in between. I really appreciate the great work the security@g.o herd
12 is doing already, but wouldn't it be a good idea, if it would be ensured
13 (four eyes principle), that affected ebuilds either get fixed, package masked
14 or removed by the responsible developer?
15
16
17 Carsten
18 -----BEGIN PGP SIGNATURE-----
19 Version: GnuPG v1.2.4 (GNU/Linux)
20
21 iD8DBQFBDhwXVwbzmvGLSW8RAnJhAJ4ntpW9BYGaZOA8Ca+rEDpkVD4kRQCgnH8U
22 WPeVDp07wPJs02FOga2dfG0=
23 =WL0u
24 -----END PGP SIGNATURE-----
25
26 --
27 gentoo-security@g.o mailing list

Replies

Subject Author
Re: [gentoo-security] security process hole? Thierry Carrez <koon@g.o>