Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 355219 (CVE-2011-1000) - <net-voip/telepathy-gabble-0.10.5: JID validation missing (CVE-2011-1000)
Summary: <net-voip/telepathy-gabble-0.10.5: JID validation missing (CVE-2011-1000)
Status: RESOLVED FIXED
Alias: CVE-2011-1000
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High minor (vote)
Assignee: Gentoo Security
URL: http://lists.freedesktop.org/archives...
Whiteboard: B4 [noglsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2011-02-16 17:22 UTC by Olivier Crete (RETIRED)
Modified: 2011-03-22 21:50 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Comment 1 Pacho Ramos gentoo-dev 2011-02-16 18:07:11 UTC
ebuild available for 0.10.5
Comment 2 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2011-02-17 15:34:25 UTC
Arches, the target for stabilization is =net-voip/telepathy-gabble-0.10.5
Comment 3 Pacho Ramos gentoo-dev 2011-02-17 17:43:35 UTC
Arches could probably wait a bit (-> around a day) and go directly with bug 353436 also
Comment 4 Markos Chandras (RETIRED) gentoo-dev 2011-02-23 23:40:46 UTC
amd64 done as part of Gnome stabilization
Comment 5 Christian Faulhammer (RETIRED) gentoo-dev 2011-02-25 22:44:38 UTC
x86 done by tomka.
Comment 6 Raúl Porcel (RETIRED) gentoo-dev 2011-03-18 17:24:35 UTC
alpha/ia64/sparc stable
Comment 7 Kacper Kowalik (Xarthisius) (RETIRED) gentoo-dev 2011-03-22 21:03:14 UTC
ppc done wrt #353436, last arch over'n'out
Comment 8 Tim Sammut (RETIRED) gentoo-dev 2011-03-22 21:45:08 UTC
Thanks, folks. GLSA Vote: no.
Comment 9 Alex Legler (RETIRED) archtester gentoo-dev Security 2011-03-22 21:50:58 UTC
GLSA vote: NO

Maintainers, please remove any vulnerable versions left in the tree.