Summary: | <net-voip/telepathy-gabble-0.10.5: JID validation missing (CVE-2011-1000) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Olivier Crete (RETIRED) <tester> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | gnome, voip+disabled |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://lists.freedesktop.org/archives/telepathy/2011-February/005272.html | ||
Whiteboard: | B4 [noglsa] | ||
Package list: | Runtime testing required: | --- |
Description
Olivier Crete (RETIRED)
2011-02-16 17:22:48 UTC
ebuild available for 0.10.5 Arches, the target for stabilization is =net-voip/telepathy-gabble-0.10.5 Arches could probably wait a bit (-> around a day) and go directly with bug 353436 also amd64 done as part of Gnome stabilization x86 done by tomka. alpha/ia64/sparc stable ppc done wrt #353436, last arch over'n'out Thanks, folks. GLSA Vote: no. GLSA vote: NO Maintainers, please remove any vulnerable versions left in the tree. |