Security Bug due to Unchecked use of GnuTLS function

Gary Kramlich grim at reaperworld.com
Sun Jul 17 17:43:29 EDT 2016


On Sun, Jul 17, 2016 at 4:04 PM, Ethan Blanton <elb at pidgin.im> wrote:
> Yuan Jochen Kang spake unto us the following wisdom:
>> I wanted to check with you on the status of the CVE request.
>
> Good question, thanks for pinging.
>
> Gary, did we get a CVE for this?  I see that the 2.11 page still
> doesn't list one.  If we didn't, we need to!

Sorry this slipped off my radar.  Unfortunately, it doesn't look like
anyone has created one.  I was told the Debian security team would
take care of it, and they just released a new version [1] to stable
without mention of a new CVE.

Ethan, do you know who else I can/should be pinging?

> Ethan

[1] http://osdir.com/ml/general/2016-07/msg21951.html

Thanks,

--
Gary Kramlich <grim at reaperworld.com>


More information about the security mailing list