Kopete: CVE 2017-5593 (User Impersonation Vulnerability)

Pali Rohár pali.rohar at gmail.com
Tue Feb 14 09:34:56 UTC 2017

On Tuesday 14 February 2017 10:19:17 Luca Beltrame wrote:
> Il giorno Tue, 14 Feb 2017 09:21:12 +0100
> Pali Rohár <pali.rohar at gmail.com> ha scritto:
> > 1) Upstream libiris does not support building dynamic shared library
> Then they should be pestered until they do, it would at least reduce
> the impact of issues like this one. 

Ok, I will open ticket for it in upstream bug tracker.

> > 2) Upstream libiris does not have stable API/ABI
> Do you know if they at least bump soversions?

Soversion? See 1) There are no shared .so dynamic libraries, so nothing
like soversion even exists.

Pali Rohár
pali.rohar at gmail.com

More information about the release-team mailing list