Control: tag -1 + upstream fixed-upstream patch pending
On Tue, 17 Jun 2014 19:20:29 +0200, Erik Ekman wrote:
> > @Erik: Maybe you could also backport the fix to the iodine-0.6
> > branch?
> I pushed an 0.6.0 with the fix here:
> https://github.com/yarrick/iodine/tree/iodine-0.6.0
> No tarball is
Processing control commands:
> tag -1 + upstream fixed-upstream patch pending
Bug #751834 [src:iodine] iodine: authentication bypass
Added tag(s) pending.
--
751834: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=751834
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
-
On Tue, 17 Jun 2014 06:57:18 +0200, Salvatore Bonaccorso wrote:
(Cc'ing upstream)
> There was a new upstream version for iodine released
Ha! The Debian security team is quicker than my daily uscan cronjob
:)
> fixing an
> authentication bypass vulnerability.
>
> Upstream commit is at [1], but
Source: iodine
Version: 0.6.0~rc1-2
Severity: grave
Tags: security upstream patch fixed-upstream
Justification: user security hole
Hi Gregor,
There was a new upstream version for iodine released fixing an
authentication bypass vulnerability.
Upstream commit is at [1], but no CVE is yet assigned[
4 matches
Mail list logo
