Package: libotr2 Version: 3.2.0-4 Severity: grave Tags: security upstream Justification: user security hole
libotr contains buffer overflows in a few base64 decoding functions: http://lists.cypherpunks.ca/pipermail/otr-dev/2012-July/001347.html Fixes for the bugs are available from git: http://lists.cypherpunks.ca/pipermail/otr-dev/2012-July/001348.html -- System Information: Debian Release: wheezy/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-3-amd64 (SMP w/8 CPU cores) Locale: LANG=sv_SE.UTF-8, LC_CTYPE=sv_SE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages libotr2 depends on: ii libc6 2.13-33 ii libgcrypt11 1.5.0-3 libotr2 recommends no packages. Versions of packages libotr2 suggests: ii libotr2-bin 3.2.0-4 -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
