Multiple vulnerabilities have been found in Catfish, allowing local attackers to escalate their privileges.
|Package||dev-util/catfish on all architectures|
|Affected versions||< 1.0.2|
|Unaffected versions||>= 1.0.2|
Catfish is a versatile file searching tool.
Multiple vulnerabilities have been discovered in Catfish. Please review the CVE identifiers referenced below for details.
A local attacker could gain escalated privileges via a specially crafted shared library.
There is no known workaround at this time.
All Catfish users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-util/catfish-1.0.2"
August 13, 2014
August 13, 2014: 1