[Pkg-privacy-maintainers] wheezy-backports: libotr5 vulnerable to CVE-2016-2851
Kalle Valo
kvalo at adurom.com
Tue Apr 26 16:18:23 UTC 2016
Hi,
I did a quick check and to me it looks like that libotr5 4.1.0-2~bpo70+1
in wheezy-backports is vulnerable to CVE-2016-2851 (remote code
execution)[1]. The version 4.1.1-1 in unstable should be safe. Is anyone
able to upload latest libotr5 to fix this?
Thanks in advance.
[1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2851
--
Kalle Valo
More information about the Pkg-privacy-maintainers
mailing list