CVE-2015-4093 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4093): Cross-site scripting (XSS) vulnerability in Elasticsearch Kibana 4.x before 4.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
*kibana-bin-4.0.3 (22 Jun 2015) 22 Jun 2015; Ian Delaney <idella4@gentoo.org> +kibana-bin-4.0.3.ebuild, -kibana-bin-4.0.1.ebuild, -kibana-bin-4.0.2.ebuild: bump; rm old
I believe this can be safely closed.
(In reply to Tomas Mozes from comment #2) > I believe this can be safely closed. Tomas note the big Note: just above the Description.
Yes, the security team is responsible for closing the bug, but since this bug has been resolved 4 months ago, I wanted to politely ping the security team. It wasn't meant for you ;)