Hi all,
kpopper was masked for half a year now because of insecure temporary
file creation (see bug #94475 for details), now it's time to
completely remove it from portage. If you have rejections, please speak
up in a timely fashion or silently wave goodbye to the package.
Thanks and have a nice
Hi devs,
app-arch/zoo is prone to a buffer overflow that needs to be patched but
the package has no maintainer, see http://bugs.gentoo.org/123782 for
details. Since I don't have commit rights, I would appreciate help to
get this sorted out, the patch is really simple and should apply
cleanly, the
ubproject leader
- Taviso (Tavis Ormandy) is old and new auditing subprojet leader
- Jaervosz (Sune Kloppenborg Jeppesen) is old and new operational lead
- DerCorny (Stefan Cornelius) is new operational lead
4/ Public Q&A:
--
Nothing special to mention here, too. The Gent
Hi all,
I would like to thank everybody who congratulated via IRC or here on the
list.
I'd also like to take this opportunity to especially thank Pylon (my
mentor) and Kugelfang (my recruiter), who didn't hesitate to invest
their valuable time in order to help me. Thank you!
Cheers,
Stefan 'DerC
Hi Folks,
net-misc/vnc is vulnerable to an information leak that might lead to
password disclosure (bug #133219). Unfortunately, the original
maintainer aliz is at least semi-retired, thus we're looking for a new
maintainer.
So, if you've some love left for a lonely, homeless package like vnc,
th
Ikelos pointed out (thanks!), that only vnc 4.1.X is affected. Since we
don't ship such a version, the security bug is invalid, but the
maintainer problem remains.
Sorry for any inconvenience,
DerCorny
--
gentoo-dev@gentoo.org mailing list
Hi Gang,
net-www/awstats is masked because it has open security issues (including
remote code execution), see bug #130487 for details. Version 6.6 was
made to fix it, but unfortunately this version is not working at all
(see bug #134296), so we are trapped between unusable and vulnerable
versions.
CHTEKK does this one, thanks.
> Hi Gang,
>
> net-www/awstats is masked because it has open security issues (including
> remote code execution), see bug #130487 for details. Version 6.6 was
> made to fix it, but unfortunately this version is not working at all
> (see bug #134296), so we are trapp
Hi Gentoo,
dev-libs/libvc, app-misc/rolo and mail-client/mutt-vc-query were masked
because of the open security bug #127757. It also seems like there was
no upstream release for like 3 years, so this packages are pretty much
dead.
If nobody speaks up or volunteers as maintainer for that cruft, th
+1 from me, too. I also want to offer my help to this project, so ping
me if needed.
Kind regards,
DerCorny
--
gentoo-dev@gentoo.org mailing list
app-text/pstotext has a serious remote vulnerability that allows to
execute arbitrary commands on a vulnerable system. It appears to be
unmaintained at the moment.
If anyone out there is able to take this on and patch it (honestly,
patch is small), that would be much appreciated, the bug number i
11 matches
Mail list logo
