Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#52702 - [screen] root exploit
Attached to Project:
Arch Linux
Opened by Luke (Gaming4JC) - Wednesday, 25 January 2017, 03:06 GMT
Last edited by Gaetan Bisson (vesath) - Wednesday, 25 January 2017, 08:51 GMT
Opened by Luke (Gaming4JC) - Wednesday, 25 January 2017, 03:06 GMT
Last edited by Gaetan Bisson (vesath) - Wednesday, 25 January 2017, 08:51 GMT
|
DetailsDescription:
Upstream is reporting a root exploit. Debian will be patching soon. Downgrade and/or implementing Debian patches should be done as soon as possible. Additional info: * package version(s): 4.5.0 https://lists.gnu.org/archive/html/screen-devel/2017-01/msg00025.html |
This task depends upon
Closed by Gaetan Bisson (vesath)
Wednesday, 25 January 2017, 08:51 GMT
Reason for closing: Fixed
Additional comments about closing: screen-4.5.0-2 in [extra]
Wednesday, 25 January 2017, 08:51 GMT
Reason for closing: Fixed
Additional comments about closing: screen-4.5.0-2 in [extra]
Comment by Gaetan Bisson (vesath) -
Wednesday, 25 January 2017, 07:05 GMT
Thanks for the notification but it's late here and the patch is still not available. So I'm only going to be able to take care of this tomorrow unless someone in a different timezone beats me to it.
Comment by Gaetan Bisson (vesath) -
Wednesday, 25 January 2017, 07:09 GMT
Note: This is what to monitor: http://git.savannah.gnu.org/cgit/screen.git