[Debian-ha-maintainers] Bug#930887: Bug#930887: Bug#930887: CVE-2019-10153

[Valentin Vidić]

On Tue, Jun 25, 2019 at 09:32:48AM +0200, wferi at niif.hu wrote:
> I think so, but I may overlook something.  Also, I find the switch to
> UTF-8 decoding a somewhat unsatisfactory fix: is it wise to depend on
> the result being correctly UTF-8 encoded?  If anything goes wrong, an
> exception is thrown all the same, it depends on the server.  It may be
> desirable, though, I don't know a thing about rhevm.

Yes, I guess it assumes the rhevm service returns UTF-8, but I also don't
have access to check this so we'll have to trust the upstream that this is
fixed for now.

-- 
Valentin