CVE-2012-1410
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
kadu (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Natty |
Won't Fix
|
Undecided
|
Unassigned | ||
Oneiric |
Won't Fix
|
Undecided
|
Unassigned |
Bug Description
Recently security issue's been reported to Kadu *one of packages I maintain in Debian). Please see more about the issue here:
http://
It's been fixed in newest upstream release -- 0.11.1. It's been uploaded to Debian Sid and has already migrated to Testing. Because of the bug fix, it has also been synced to Ubuntu Precise past the Feature Freeze. All versions of Kadu starting 0.9.0 and earlier than 0.11.1 are affected.
Versions in Ubuntu affected by the bug:
Oneiric (0.9.2-2)
Natty (0.9.0-1)
Commit that fix the bugs upstream is the following:
https:/
Due to the bug there have been also additional hardening commited, but are not actual fixes the the bug:
https:/
https:/
https:/
CVE References
Changed in kadu (Ubuntu Oneiric): | |
status: | New → Confirmed |
Changed in kadu (Ubuntu Natty): | |
status: | New → Confirmed |
Thanks for taking the time to report this bug and helping to make Ubuntu better. Since the package referred to in this bug is in universe or multiverse, it is community maintained. If you are able, I suggest coordinating with upstream and posting a debdiff for this issue. When a debdiff is available, members of the security team will review it and publish the package. See the following link for more information: https:/ /wiki.ubuntu. com/SecurityTea m/UpdateProcedu res