On 23 October 2010 04:11, Silvio Cesare <[email protected]> wrote: > Centerim also embeds expat in libjabber. expat does xml parsing. I have > confirmed that the fix for cve-2009-3720 has not been applied to the > centerim sources. There is another associated expat vulnerability that might > be present also but I have not investigated. They are both denial of > services.Not sure how these would be triggered. >
cve-2009-3720 is fixed in trunk now. If you find another vulnerability, please let me know cheers Boris "transacid" Petersen -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]

