Kopete: CVE 2017-5593 (User Impersonation Vulnerability)

Luca Beltrame lbeltrame at kde.org
Tue Feb 14 09:19:17 UTC 2017


Il giorno Tue, 14 Feb 2017 09:21:12 +0100
Pali Rohár <pali.rohar at gmail.com> ha scritto:

> 1) Upstream libiris does not support building dynamic shared library

Then they should be pestered until they do, it would at least reduce
the impact of issues like this one. 

> 2) Upstream libiris does not have stable API/ABI

Do you know if they at least bump soversions?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 488 bytes
Desc: Firma digitale OpenPGP
URL: <http://mail.kde.org/pipermail/release-team/attachments/20170214/9cec0d13/attachment.sig>


More information about the release-team mailing list