Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMatt Turner <mattst88@gentoo.org>2017-11-08 15:36:14 -0800
committerMatt Turner <mattst88@gentoo.org>2017-11-08 15:37:09 -0800
commit7c1c02b4b226877cc1ea12bd46b2325472ac7410 (patch)
tree1ddee5380b1c7bc7192e60c773c3b84b835f027d
parentnet-vpn/tor: version bump alpha branch to 0.3.2.4_alpha, remove older (diff)
downloadgentoo-7c1c02b4b226877cc1ea12bd46b2325472ac7410.tar.gz
gentoo-7c1c02b4b226877cc1ea12bd46b2325472ac7410.tar.bz2
gentoo-7c1c02b4b226877cc1ea12bd46b2325472ac7410.zip
package.mask: Mask vulnerable versions of libXfont
Bug: https://bugs.gentoo.org/634044
Diffstat
-rw-r--r--profiles/package.mask5
1 files changed, 5 insertions, 0 deletions
diff --git a/profiles/package.mask b/profiles/package.mask
index 610525adf369..a58c5d739872 100644
--- a/profiles/package.mask
+++ b/profiles/package.mask
@@ -29,6 +29,11 @@
#--- END OF EXAMPLES ---
+# Matt Turner <mattst88@gentoo.org> (08 Nov 2017)
+# Vulnerable to CVE-2017-13720, CVE-2017-13722 (bug #634044). Only in tree for
+# masked xorg-server-1.12.
+<x11-libs/libXfont-1.5.0
+
# Brian Evans <grknight@gentoo.org> (07 Nov 2017)
# Remote service removed this method, dead upstream
# Masked for removal in 30 days.