oss-sec mailing list archives
Re: CVE request for bitlebee
From: Kurt Seifried <kseifried () redhat com>
Date: Mon, 19 Mar 2012 12:13:25 -0600
On 03/19/2012 04:34 AM, David Black wrote:
A few months ago it was reported that Bitlbee did not drop extra groups(in unix.c) that the process launching it had. There hasn't been a CVE assigned to this issue, so I thought I would follow up and request one. The original report can be found at http://bugs.bitlbee.org/bitlbee/ticket/852 and it was fixed in http://bugs.bitlbee.org/bitlbee/changeset/devel%2C856. -- Thank you.
Please use CVE-2012-1187 for this issue. -- Kurt Seifried Red Hat Security Response Team (SRT)
Current thread:
- CVE request for bitlebee David Black (Mar 19)
- Re: CVE request for bitlebee Kurt Seifried (Mar 19)