[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-release-team
Subject:    kwallet-pam: Regression in CVE-2018-10380 fixes
From:       Maximiliano Curia <maxy () debian ! org>
Date:       2018-05-05 9:25:00
Message-ID: 20180505092459.awjegp6niqnh2jo2 () neoptolemo ! gnuservers ! com ! ar
[Download RAW message or body]


Hi,

After applying the proposed fixes a couple of users started having issues with 
kwallet-pam, as reported here: https://bugs.kde.org/show_bug.cgi?id=393856

The patch to fix the issue is being worked in 
https://phabricator.kde.org/D12702. I'm not sure what are the current plans to 
release a version of kwallet-pam with CVE-2018-10380, the announcement 
mentions 5.12.6 which is a couple of months away, but just to be on the safe 
side Luigi Toscano convinced me that it was worth sending this message to 
release.

Happy hacking,
-- 
"If a million people believe a foolish thing, it is still a foolish thing."
-- France's Rule of Folly
Saludos /\/\ /\ >< `/

["signature.asc" (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]