Summary: | dev-libs/cyrus-sasl: (<2.1.21) DoS during DIGEST-MD5 negociation (CVE-2006-1721) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Raphael Marichez (Falco) (RETIRED) <falco> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | gentoomail, net-mail+disabled |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://archives.neohapsis.com/archives/fulldisclosure/2006-04/0180.html | ||
Whiteboard: | A3 [glsa] Falco | ||
Package list: | Runtime testing required: | --- |
Description
Raphael Marichez (Falco) (RETIRED)
2006-04-10 13:40:33 UTC
2.1.21 corrects the vuln, while last stable is 2.1.20. Arches, please test at least one of 2.1.21(-r[12])? and mark stable, thank you. -r2 Alpha'lized ! x86 done sparc stable. stable on ppc64 is now CVE-2006-1721 arches, please don't forget this one, thanks. (From http://www.gentoo.org/security/en/vulnerability-policy.xml , adm64, hppa and ppc stabilizations are still needed before closing the bug.) stable on hppa amd64, ppc please test and mark stable Compiles and runs the test-server && client on ppc (USE="sample"), any further tests i could do? ppc stable amd64 done GLSA 200604-09 arm, ia64, mips, s390 don't forget to mark stable to benifit from the GLSA. *** Bug 130733 has been marked as a duplicate of this bug. *** (In reply to comment #12) > GLSA 200604-09 > > arm, ia64, mips, s390 don't forget to mark stable to benifit from the GLSA. > I am about to removed all ebuild <2.1.21-r2 and noticed mips has stable keyword in cyrus-sasl-2.1.20.ebuild but has not stable 2.1.21-r2 yet. Stable on mips. |