Bug#438419: CVE-2007-4366: WengoPhone DoS vulnerability - fixed upstream

tags 438419 fixed-upstream thanks Hi, This issue has now been fixed upstream: http://dev.openwengo.com/pipermail/wengophone-devel/2007-August/006433.html Could you please ensure that this release arrives in Debian, and mention the CVE id in your changelog? thanks Thijs pgprcGnP9n6c7.pgp Des

Processed: Re: Bug#438419: CVE-2007-4366: WengoPhone DoS vulnerability

Processing commands for [EMAIL PROTECTED]: > package wengophone Ignoring bugs not assigned to: wengophone > tag 438419 + confirmed upstream Bug#438419: CVE-2007-4366: WengoPhone DoS vulnerability Tags were: security Tags added: confirmed, upstream > thanks Stopping processing here

Bug#438419: CVE-2007-4366: WengoPhone DoS vulnerability

package wengophone tag 43841 + confirmed upstream thanks Luca Bruno wrote: It looks like openwengo project hasn't yet released a patch, but they're working on it: http://dev.openwengo.com/pipermail/wengophone-devel/2007-August/006412.html I also opened a ticket on openwengo trac: http://dev.o

Bug#438419: CVE-2007-4366: WengoPhone DoS vulnerability

Package: wengophone Version: 2.1.1.dfsg0-2 Severity: grave Tags: security -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 >From CVE-2007-4366: "A message validation check flaw in WengoPhone SIP phone implementation may allow a remote attacker to crash the phone causing denial of service. The vulne