I researched and see that this warning has popped up in 2005 as well as 2011. The Bug Report that I read says No Known WorkArounds.
Any help or experiences with the Subject is much Appreciated.
Here is how I uncovered/read the Warning.
My system is UP to Date as I have…
eix-sync
emerge --oneshot portage
emerge -uDv world
emerge -v depclean
revdep-rebuild -v
dispatch-conf
glsa-check -t all
sqlpython# 200502-32 [N] UnAce: Buffer overflow and directory traversal vulnerabilities ( app-arch/unace)
My installed package of app/arch/unace 2.5-r3 is installed UnMasked.
I received a suggestion to install unace packages above 2.0 MASKED.
Should I reEmerge after Masking?
OR
Leave Well Enough Alone?
I am bumping my own thread with more info…
I should have been more precise with my inquiry.
I investigated the 200502-32 unace warning in more depth.
I see this warning as early as 2005 on Gentoo forums.
Apparently, when used the overflow buffer produced leaves an opening for security breach. The answer always seems to Upgrade to the latest unace package.
However, I am using the latest unace and the issue is getting old. How much of a worry is this and are there any other solutions??
I am updated last night I performed
eix-sync
emerge --oneshot portage
emerge -uDv world
dispatch-conf
Here is my read out…
sqlpython # glsa-check -p $(glsa-check -t all)
This system is affected by the following GLSAs:
Checking GLSA 200502-32
[>> No upgrade path exists for these packages:]{style=“text-align:right;”}
app-arch/unace-2.5-r3