close
Warning:
Failed to sync with repository "(default)": [Errno 12] Cannot allocate memory; repository information may be out of date. Look in the Trac log for more information including mitigation strategies.
- Timestamp:
-
2017-01-31T15:48:16Z (8 years ago)
- Author:
-
dx
- Comment:
-
CVE-2016-10189 and CVE-2017-5668 have been assigned for the first issue and its incomplete fix respectively.
Legend:
- Unmodified
- Added
- Removed
- Modified
-
v2
|
v3
|
|
5 | 5 | malicious remote clients. |
6 | 6 | |
| 7 | CVE-2016-10189 has been assigned for this first issue. |
| 8 | |
7 | 9 | Additionally, due to an incomplete fix of the issue above in BitlBee |
8 | 10 | 3.5, the bitlbee-libpurple variant is still affected in 3.5. |
| 11 | |
| 12 | CVE-2017-5668 has been assigned for this second issue. |
9 | 13 | |
10 | 14 | == Impact == |
… |
… |
|
75 | 79 | == References == |
76 | 80 | |
77 | | Incomplete fix commit included in 3.5: |
| 81 | CVE-2016-10189: Incomplete fix commit included in 3.5: |
78 | 82 | |
79 | 83 | https://github.com/bitlbee/bitlbee/commit/701ab8129ba9ea64f569daedca9a8603abad740f |
80 | 84 | |
81 | | Libpurple specific bugfix commit included in 3.5.1: |
| 85 | CVE-2017-5668: Libpurple specific bugfix commit included in 3.5.1: |
82 | 86 | |
83 | 87 | https://github.com/bitlbee/bitlbee/commit/30d598ce7cd3f136ee9d7097f39fa9818a272441 |