Re: CVE request for bitlebee

[Kurt Seifried <kseifried () redhat com>]

On 03/19/2012 04:34 AM, David Black wrote:
> A few months ago it was reported that Bitlbee did not drop extra
> groups(in unix.c) that the process launching it had.
> There hasn't been a CVE assigned to this issue, so I thought I would
> follow up and request one.
> The original report can be found at
> http://bugs.bitlbee.org/bitlbee/ticket/852 and it was fixed in
> http://bugs.bitlbee.org/bitlbee/changeset/devel%2C856.
>
> --
> Thank you.

Please use CVE-2012-1187 for this issue.

-- 
Kurt Seifried Red Hat Security Response Team (SRT)