1 |
On Tue, 08 Jan 2008, Tomasz Lutelmowski wrote: |
2 |
|
3 |
> |
4 |
> The GLSA is not updating since 2007-12-25... |
5 |
> |
6 |
> xxx etc # glsa-check -l | tail |
7 |
> [A] means this GLSA was already applied, |
8 |
> [U] means the system is not affected and |
9 |
> [N] indicates that the system might be affected. |
10 |
> |
11 |
> 200712-16 [U] Exiv2: Integer overflow ( media-gfx/exiv2 ) |
12 |
> 200712-17 [U] exiftags: Multiple vulnerabilities ( media-gfx/exiftags ) |
13 |
> 200712-18 [U] Multi-Threaded DAAP Daemon: Multiple vulnerabilities ( media- |
14 |
> sound/mt-daapd ) |
15 |
> 200712-19 [U] Syslog-ng: Denial of Service ( app-admin/syslog-ng ) |
16 |
> 200712-20 [U] ClamAV: Multiple vulnerabilities ( app-antivirus/clamav ) |
17 |
> 200712-21 [U] Mozilla Firefox, SeaMonkey: Multiple vulnerabilities ( www- |
18 |
> client/seamonkey www-client/mozilla-firefox-bin www-client/mozilla- |
19 |
> firefox ... ) |
20 |
> 200712-22 [U] Opera: Multiple vulnerabilities ( www-client/opera ) |
21 |
> 200712-23 [U] Wireshark: Multiple vulnerabilities ( net-analyzer/wireshark ) |
22 |
> 200712-24 [U] AMD64 x86 emulation GTK+ library: User-assisted execution of |
23 |
> arbitrary code ( app-emulation/emul-linux-x86-gtklibs ) |
24 |
> 200712-25 [U] OpenOffice.org: User-assisted arbitrary code execution ( app- |
25 |
> office/openoffice app-office/openoffice-bin dev-db/hsqldb ) |
26 |
> |
27 |
> Is it temporary issue or Gentoo got new way of tracking vulnerabilities ? |
28 |
|
29 |
|
30 |
indeed GLSA 200712-25 was sent 2007-12-30. After all, it was Chrismas |
31 |
holidays... |
32 |
|
33 |
We're still actively looking for helpers (which may become official |
34 |
security members after a probation period) for wrangling security bugs |
35 |
and writing GLSA. Mail to security@g.o if interested. |
36 |
|
37 |
-- |
38 |
Raphael Marichez aka Falco |