[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-release-team
Subject: Re: Kopete: CVE 2017-5593 (User Impersonation Vulnerability)
From: Pali =?utf-8?B?Um9ow6Fy?= <pali.rohar () gmail ! com>
Date: 2017-02-14 9:34:56
Message-ID: 20170214093456.GF27493 () pali
[Download RAW message or body]
On Tuesday 14 February 2017 10:19:17 Luca Beltrame wrote:
> Il giorno Tue, 14 Feb 2017 09:21:12 +0100
> Pali Rohár <pali.rohar@gmail.com> ha scritto:
>
> > 1) Upstream libiris does not support building dynamic shared library
>
> Then they should be pestered until they do, it would at least reduce
> the impact of issues like this one.
Ok, I will open ticket for it in upstream bug tracker.
> > 2) Upstream libiris does not have stable API/ABI
>
> Do you know if they at least bump soversions?
Soversion? See 1) There are no shared .so dynamic libraries, so nothing
like soversion even exists.
--
Pali Rohár
pali.rohar@gmail.com
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic