app-arch/rpm2targz: multiple vulnerabilites (CVE-2010-{2059,2197,2198,2199})

Reported by Jeff Johnson on 2010-09-09
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
RPM
Low
Unassigned
Fedora
Unknown
Unknown
Gentoo Linux
Confirmed
High
Mandriva
Unknown
Medium

Bug Description

tracker

Jeff Johnson (n3npq) on 2010-09-09
tags: added: gentoo
Jeff Johnson (n3npq) on 2010-09-09
tags: added: mandriva
Jeff Johnson (n3npq) wrote :

The patch to fix this issue was added to rpm-4.4.3 and remains in @rpm5.org code since 2005.

The @rpm.org code base was based on rpm-4.4.2 and part of the patch (from OpenSuSE)
was dropped when backported.

Upgrading to rpm-4.8.1 will fix CVS-2010-2191.

Jeff Johnson (n3npq) wrote :

Upgrading to rpm-4.8.1 will fix CVS-2010-2199.

Changed in mandriva:
importance: Undecided → Unknown
status: New → Unknown
Changed in rpm:
importance: Undecided → Low
status: New → In Progress
Jeff Johnson (n3npq) on 2010-09-09
Changed in rpm:
milestone: none → 4.8.1
Changed in mandriva:
status: Unknown → Confirmed
Changed in gentoo:
status: Unknown → Confirmed
Changed in gentoo:
importance: Unknown → High
Changed in mandriva:
importance: Unknown → Medium
Changed in mandriva:
status: Confirmed → Unknown
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.