Remote crashes being fixed in 2.6.2
Jan Lieskovsky
jlieskov at redhat.com
Tue Sep 8 10:46:51 EDT 2009
Hi,
Ari Pollak wrote:
> Paul Aurich wrote:
>> Per Warren's request, this is a list of remote crashes being fixed in
>> 2.6.2. The XMPP crash, at the least, probably impacts everything back to
>> and including 2.5.2 (when that support was added). I don't know about
>> the others.
>
> The inevitable question: do these have CVEs?
The CVEs were requested here:
http://www.openwall.com/lists/oss-security/2009/09/08/3
so hopefully they will arrive shortly.
For the [1] record:
Yahoo IM parsing crash 22 August 2009 2.6.1
this was assigned CVE-2009-3025 [2], so you can
update relevant record.
Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team
[1] http://pidgin.im/news/security/?id=35
[2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3025
>
> _______________________________________________
> Packagers mailing list
> Packagers at pidgin.im
> http://pidgin.im/cgi-bin/mailman/listinfo/packagers
More information about the Packagers
mailing list