[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] KMail/KIO POP3 SSL MITM Flaw
From:       Nick Boyce <nick.boyce () gmail ! com>
Date:       2014-06-22 23:03:07
Message-ID: CACqxkWK_LNFNqmm_9Ya5__rQZGNhFW79bCSFxyEroBeRDFApZw () mail ! gmail ! com
[Download RAW message or body]

On 22 June 2014 22:58, David Faure <faure@kde.org> wrote:

>> > I'm not sure whether to interpret the 'Versions' line in the advisory
>> > as "bug was introduced at kdelibs 4.10.95"
>
> Yes, this is what
> "Versions:       kdelibs 4.10.95 to 4.13.2"
> means.

Thanks - it might possibly have been "these are the versions we are
supporting with a fix" instead.

>> There is an IBM ISS report [3] which implies the bug affects at least
>> kdelibs 4.6.x ....
>
> No idea where they got that from.... I cannot confirm this.

Your clarification and that correction are much appreciated.  Thanks
for taking the time.

Cheers
Nick
[prev in list] [next in list] [prev in thread] [next in thread]