Summary: | mail-client/squirrelmail G/PGP plugin code injection (CVE-2005-1924, CVE-2006-1469) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Hanno Böck <hanno> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | eradicator |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B2 [glsa] p-y | ||
Package list: | Runtime testing required: | --- |
Description
Hanno Böck
2007-07-11 22:59:41 UTC
I will wait two days for an updated plugin version from upstream. If they have not addressed the issue, I'll create a patch based on the workarounds provided in the reports. Revbumps for 1.4.10a and 1.5.1 are in portage. Arches please test and mark stable. Target keywords are: "alpha amd64 ppc ppc64 sparc x86" mail-client/squirrelmail-1.4.10a-r2 stable on ppc64 amd64 stable alpha/x86 stable amd64: please stabilize the unmasked version(1.4) sparc stable yesterday, didn't i remove us from CC@ back then? (deja vu). Stable on amd64. ppc stable it's GLSA 200708-08, thanks everybody and sorry for the delay. |