Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/profiles
diff options
context:
space:
mode:
authorTom Wijsman <tomwij@gentoo.org>2014-06-08 13:08:58 +0000
committerTom Wijsman <tomwij@gentoo.org>2014-06-08 13:08:58 +0000
commit60a10e5c1a8a8c70afab597b4b69c108bcfe4fd1 (patch)
treeb160f65b182dbc0f8db916edc67996bd6f6f44f2 /profiles
parentRemove old, vulnerable versions (bug 510382) (diff)
downloadgentoo-2-60a10e5c1a8a8c70afab597b4b69c108bcfe4fd1.tar.gz
gentoo-2-60a10e5c1a8a8c70afab597b4b69c108bcfe4fd1.tar.bz2
gentoo-2-60a10e5c1a8a8c70afab597b4b69c108bcfe4fd1.zip
Mask VLC ebuilds that are affected with security bug CVE-2013-6934.
Diffstat (limited to 'profiles')
-rw-r--r--profiles/ChangeLog5
-rw-r--r--profiles/package.mask14
2 files changed, 17 insertions, 2 deletions
diff --git a/profiles/ChangeLog b/profiles/ChangeLog
index 7fe96e955c0f..21d02e98ac31 100644
--- a/profiles/ChangeLog
+++ b/profiles/ChangeLog
@@ -1,11 +1,14 @@
# ChangeLog for profile directory
# Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/profiles/ChangeLog,v 1.9055 2014/06/08 12:53:55 mgorny Exp $
+# $Header: /var/cvsroot/gentoo-x86/profiles/ChangeLog,v 1.9056 2014/06/08 13:08:58 tomwij Exp $
#
# This ChangeLog should include records for all changes in profiles directory.
# Only typo fixes which don't affect portage/repoman behaviour could be avoided
# here. If in doubt put a record here!
+ 08 Jun 2014; Tom Wijsman <TomWij@gentoo.org> package.mask:
+ Mask VLC ebuilds that are affected with security bug CVE-2013-6934.
+
08 Jun 2014; Michał Górny <mgorny@gentoo.org> package.mask:
Mask multilib libsoup & neon.
diff --git a/profiles/package.mask b/profiles/package.mask
index 315257458d05..c26b5edfea08 100644
--- a/profiles/package.mask
+++ b/profiles/package.mask
@@ -1,5 +1,5 @@
####################################################################
-# $Header: /var/cvsroot/gentoo-x86/profiles/package.mask,v 1.15771 2014/06/08 12:53:55 mgorny Exp $
+# $Header: /var/cvsroot/gentoo-x86/profiles/package.mask,v 1.15772 2014/06/08 13:08:58 tomwij Exp $
#
# When you add an entry to the top of this file, add your name, the date, and
# an explanation of why something is getting masked. Please be extremely
@@ -30,6 +30,18 @@
#--- END OF EXAMPLES ---
+# Tom Wijsman <TomWij@gentoo.org> (8 Jun 2014)
+# Mask VLC ebuilds that are affected with security bug CVE-2013-6934:
+#
+# A vulnerability has been discovered in VLC Media Player, which can be
+# exploited by malicious people to compromise a user's system.
+#
+# Some ebuilds also have other buffer and integer overflow security bugs like
+# CVE-2013-1954, CVE-2013-3245, CVE-2013-4388 and CVE-2013-6283.
+#
+# Users should consider to upgrade VLC Media Player to at least version 2.1.2.
+<media-video/vlc-2.1.2
+
# Tom Wijsman <TomWij@gentoo.org> (6 Jun 2014)
# Mask gentoo-sources ebuilds that are affected with security bug CVE-2014-3153.
#