Summary: | net-im/openfire <3.5.0 Denial of Service (CVE-2008-1728) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Robert Buchholz (RETIRED) <rbu> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | humpback, net-im |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://secunia.com/advisories/29751/ | ||
Whiteboard: | B3 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Robert Buchholz (RETIRED)
2008-04-10 23:23:54 UTC
3.5.0 is already in the tree, good to go stable? Vulnerability: It cannot handle clients that fail to read messages, and has no limit on their session's send buffer. http://www.igniterealtime.org/fisheye/changelog/svn-org?cs=10031 net-irc/humpback, is 3.5.0_rc1 good to go stable? Arches, please test and mark stable: =net-im/openfire-3.5.0 Target keywords : "amd64 release x86" amd64/x86 stable, last arches. ready for GLSA vote /me votes yes Voting YES as well and filing request. Fixed in release snapshot. GLSA 200804-26 |