Source: iodine Version: 0.6.0~rc1-2 Severity: grave Tags: security upstream patch fixed-upstream Justification: user security hole
Hi Gregor, There was a new upstream version for iodine released fixing an authentication bypass vulnerability. Upstream commit is at [1], but no CVE is yet assigned[2] so far. [1] https://github.com/yarrick/iodine/commit/b715be5cf3978fbe589b03b09c9398d0d791f850 [2] http://www.openwall.com/lists/oss-security/2014/06/16/5 Regards, Salvatore -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
