Smalltalk Gnu

Status of security issue (libltdl, gentoo)?

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Roland Plüss-2
Reply | Threaded
Open this post in threaded view
|

Status of security issue (libltdl, gentoo)?

Roland Plüss-2
Speaking of this bug ticket in the GenToo system:
http://bugs.gentoo.org/show_bug.cgi?id=277089

It's about gnu-smalltalk using internal copies of vulnerable libraries.
The ebuild is flagged for removal in just a few days left. What is the
status on this problem? Has a fix been made upstream already? If the
time limit passes gnu-smalltalk is bye-bye and can't be installed
anymore by GenToo users.

--
Yours sincerely
Plüss Roland

Leader and Head Programmer
- Game: Epsylon ( http://epsylon.rptd.ch/ ,
http://www.moddb.com/games/4057/epsylon )
- Game Engine: Drag(en)gine ( http://dragengine.rptd.ch ,
http://www.moddb.com/engines/9/dragengine )
- Normal Map Generator: DENormGen ( http://epsylon.rptd.ch/denormgen.php )



_______________________________________________
help-smalltalk mailing list
[hidden email]
http://lists.gnu.org/mailman/listinfo/help-smalltalk

signature.asc (269 bytes) Download Attachment
Paolo Bonzini-2
Reply | Threaded
Open this post in threaded view
|

Re: Status of security issue (libltdl, gentoo)?

Paolo Bonzini-2
On 03/13/2010 03:21 PM, Roland Plüss wrote:
> Speaking of this bug ticket in the GenToo system:
> http://bugs.gentoo.org/show_bug.cgi?id=277089
>
> It's about gnu-smalltalk using internal copies of vulnerable libraries.
> The ebuild is flagged for removal in just a few days left. What is the
> status on this problem? Has a fix been made upstream already? If the
> time limit passes gnu-smalltalk is bye-bye and can't be installed
> anymore by GenToo users.

I cannot do anything about that.  I pointed to the appropriate upstream
patches in the report.

Paolo


_______________________________________________
help-smalltalk mailing list
[hidden email]
http://lists.gnu.org/mailman/listinfo/help-smalltalk
Roland Plüss-2
Reply | Threaded
Open this post in threaded view
|

Re: Status of security issue (libltdl, gentoo)?

Roland Plüss-2


On 03/13/2010 08:49 PM, Paolo Bonzini wrote:

>>>> It's about gnu-smalltalk using internal copies of vulnerable libraries.
>>>> The ebuild is flagged for removal in just a few days left. What is the
>>>> status on this problem? Has a fix been made upstream already? If the
>>>> time limit passes gnu-smalltalk is bye-bye and can't be installed
>>>> anymore by GenToo users.
>>>>        
>>> I cannot do anything about that.  I pointed to the appropriate
>>> upstream patches in the report.
>>>
>>>      
>> So I take it there would be actually a fix for the problem? Granted
>> GenToo folks can be rather "annoying" about patching stuff if they have to.
>>    
> For security problems it seems stupid to not patch.  The fix comes
> straight from upstream.
>
> Paolo
>  
Well then let's see what happens. Right now it's still slated for removal.

--
Yours sincerely<br>
Plüss Roland<br>
<br>
Leader and Head Programmer<br>
- Game: Epsylon ( http://epsylon.rptd.ch/ ,
http://www.moddb.com/games/4057/epsylon )<br>
- Game Engine: Drag(en)gine ( http://dragengine.rptd.ch ,
http://www.moddb.com/engines/9/dragengine )<br>
- Normal Map Generator: DENormGen ( http://epsylon.rptd.ch/denormgen.php
)<br>


_______________________________________________
help-smalltalk mailing list
[hidden email]
http://lists.gnu.org/mailman/listinfo/help-smalltalk

signature.asc (270 bytes) Download Attachment
Free forum by Nabble Edit this page