On Tue, Dec 04, 2012 at 10:45:45PM +0100, Moritz Muehlenhoff wrote:
> On Mon, Dec 03, 2012 at 12:00:18PM +0100, Alessandro Ghedini wrote:
> > I opened a ticket upstream but it doesn't appear to be fixed. It's not
> > clear if
> > Debian is affected though: the CVE was published 6 days after the 1.
On Mon, Dec 03, 2012 at 12:00:18PM +0100, Alessandro Ghedini wrote:
> forwarded 694999 http://code.google.com/p/cityhash/issues/detail?id=10
> kthxbye
>
> On Mon, Dec 03, 2012 at 08:22:47AM +0100, Moritz Muehlenhoff wrote:
> > Package: cityhash
> > Severity: grave
> > Tags: security
> > Justificat
On Mon, Dec 03, 2012 at 12:00:18PM +0100, Alessandro Ghedini wrote:
> On Mon, Dec 03, 2012 at 08:22:47AM +0100, Moritz Muehlenhoff wrote:
> > I'm not sure if/when this was fixed upstream, so better contact upstream.
>
> the CVE was published 6 days after the 1.1.0 release
After 6 days... and a mo
forwarded 694999 http://code.google.com/p/cityhash/issues/detail?id=10
kthxbye
On Mon, Dec 03, 2012 at 08:22:47AM +0100, Moritz Muehlenhoff wrote:
> Package: cityhash
> Severity: grave
> Tags: security
> Justification: user security hole
>
> Hi,
Hi,
> please see http://cve.mitre.org/cgi-bin/cve
Package: cityhash
Severity: grave
Tags: security
Justification: user security hole
Hi,
please see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6051
I'm not sure if/when this was fixed upstream, so better contact upstream.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to debian-bug
5 matches
Mail list logo
