megacoffee.net Gentoo overlay - legacy mirror

We have moved to Git. This repository is only provided for compatibility with old installations. Learn how to migrate your installation here.

diff profiles/package.mask @ 216:64ad94cc6f53

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
dev-vcs/kallithea: version bump to 0.3.5 (security update), masking <0.3.5
author Daniel Neugebauer <dneuge@energiequant.de>
date Sun, 21 Oct 2018 13:19:45 +0200
parents 8db459a54e9e
children 5fc6acd937e1
line wrap: on
line diff
--- a/profiles/package.mask	Mon Feb 19 23:06:39 2018 +0100
+++ b/profiles/package.mask	Sun Oct 21 13:19:45 2018 +0200
@@ -3,3 +3,12 @@
 # ebuild was restored from official portage tree after deletion and should
 # only be used as a last resort
 =media-libs/xine-lib-1.1.20
+
+# Daniel Neugebauer <dneuge@energiequant.de> (21 Oct 2018)
+# for gentoo-overlay.megacoffee.net
+# Kallithea versions before 0.3.5 are vulnerable to several security issues
+# (incorrect access control, directory traversal, XSS). See the 0.3.5 release
+# notes on details and recommended actions and upgrade ASAP (update was
+# already published on 6 Jun 2018):
+# https://kallithea-scm.org/news/release-0.3.5.html
+<dev-vcs/kallithea-0.3.5