base/package.mask: mask =dev-libs/zziplib-0.13.69 - overlay

commit: 3e610e31786d8e673a0baf9b8c60010fc1800b75
parent: 50926db80b38839cacae82767cf53e1e0b0279c7
Author: Haelwenn (lanodan) Monnier <contact@hacktivis.me>
Date:   Thu, 17 Oct 2019 17:05:20 +0200

base/package.mask: mask =dev-libs/zziplib-0.13.69

Diffstat:
M profiles/base/package.mask 6 +++++-

1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/profiles/base/package.mask b/profiles/base/package.mask
@@ -10,7 +10,11 @@ media-gfx/exiv2
 # fails to build with a OpenSSL-like error in stable (1.9.7-r1)
 dev-vcs/subversion
 
-# aelwenn (lanodan) Monnier <contact@hacktivis.me> 2018-12-27
+# Haelwenn (lanodan) Monnier <contact@hacktivis.me> 2018-12-27
 # Bloated, quite insecure (too much trust in other apps, more than paging)
 # alternative can be sys-apps/most, see virtual/pager for others
 sys-apps/less
+
+# Haelwenn (lanodan) Monnier <contact@hacktivis.me> 2019-10-17
+# Vulnerable to CVE-2018-17828 (non-removal of "../" in the paths)
+=dev-libs/zziplib-0.13.69