Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-server

From: Olaf Niermann <lists@×××××××××.de>
To: gentoo-server@l.g.o
Subject: RE: [gentoo-server] what happend to GLSA ?
Date: Fri, 15 Feb 2008 22:16:27
Message-Id: 001e01c87020$7cf36750$2101a8c0@cybone
In Reply to: Re: [gentoo-server] what happend to GLSA ? by Raphael Marichez
1 Hi Raphael,
2
3 Just use the command
4 # glsa-check -l |sort -n |tail
5
6 And you will see that glsa is up to date.
7
8 Regards,
9 Olaf Niermann
10
11
12 -----Original Message-----
13 From: Raphael Marichez [mailto:falco@g.o]
14 Sent: Friday, February 15, 2008 4:20 PM
15 To: gentoo-server@l.g.o
16 Subject: Re: [gentoo-server] what happend to GLSA ?
17
18
19 On Tue, 08 Jan 2008, Tomasz Lutelmowski wrote:
20
21 >
22 > The GLSA is not updating since 2007-12-25...
23 >
24 > xxx etc # glsa-check -l | tail
25 > [A] means this GLSA was already applied,
26 > [U] means the system is not affected and
27 > [N] indicates that the system might be affected.
28 >
29 > 200712-16 [U] Exiv2: Integer overflow ( media-gfx/exiv2 )
30 > 200712-17 [U] exiftags: Multiple vulnerabilities ( media-gfx/exiftags )
31 > 200712-18 [U] Multi-Threaded DAAP Daemon: Multiple vulnerabilities (
32 media-
33 > sound/mt-daapd )
34 > 200712-19 [U] Syslog-ng: Denial of Service ( app-admin/syslog-ng )
35 > 200712-20 [U] ClamAV: Multiple vulnerabilities ( app-antivirus/clamav )
36 > 200712-21 [U] Mozilla Firefox, SeaMonkey: Multiple vulnerabilities ( www-
37 > client/seamonkey www-client/mozilla-firefox-bin www-client/mozilla-
38 > firefox ... )
39 > 200712-22 [U] Opera: Multiple vulnerabilities ( www-client/opera )
40 > 200712-23 [U] Wireshark: Multiple vulnerabilities ( net-analyzer/wireshark
41 )
42 > 200712-24 [U] AMD64 x86 emulation GTK+ library: User-assisted execution of
43
44 > arbitrary code ( app-emulation/emul-linux-x86-gtklibs )
45 > 200712-25 [U] OpenOffice.org: User-assisted arbitrary code execution (
46 app-
47 > office/openoffice app-office/openoffice-bin dev-db/hsqldb )
48 >
49 > Is it temporary issue or Gentoo got new way of tracking vulnerabilities ?
50
51
52 indeed GLSA 200712-25 was sent 2007-12-30. After all, it was Chrismas
53 holidays...
54
55 We're still actively looking for helpers (which may become official
56 security members after a probation period) for wrangling security bugs
57 and writing GLSA. Mail to security@g.o if interested.
58
59 --
60 Raphael Marichez aka Falco
61
62 --
63 gentoo-server@l.g.o mailing list

Replies

Subject Author
Re: [gentoo-server] what happend to GLSA ? Raphael Marichez <falco@g.o>
Report Message
Find on MARC Find on Google Groups