Bug#559784: qutecom: CVE-2008-4776 denial-of-service
Ludovico Cavedon
cavedon at debian.org
Sun Dec 13 00:05:55 UTC 2009
Hi Michael,
Michael Gilbert wrote:
> the following CVE (Common Vulnerabilities & Exposures) id was published
> for libgadu. Centerim embeds libpurple, which embeds libgadu, so it is
> affected.
I am sure what stated above is correct. According to my investigation:
-libpurble does not embded libgadu directly, but has its own
implementation of the gadugadu protocol
-centerim embeds libgadu directly
Therefore this CVE does not apply to qutecom.
Do you agree?
Thank you,
Ludovico
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 261 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-voip-maintainers/attachments/20091212/07848c8a/attachment.pgp>
More information about the Pkg-voip-maintainers
mailing list