kwallet-pam: Regression in CVE-2018-10380 fixes
Maximiliano Curia
maxy at debian.org
Sat May 5 09:25:00 UTC 2018
Hi,
After applying the proposed fixes a couple of users started having issues with
kwallet-pam, as reported here: https://bugs.kde.org/show_bug.cgi?id=393856
The patch to fix the issue is being worked in
https://phabricator.kde.org/D12702. I'm not sure what are the current plans to
release a version of kwallet-pam with CVE-2018-10380, the announcement
mentions 5.12.6 which is a couple of months away, but just to be on the safe
side Luigi Toscano convinced me that it was worth sending this message to
release.
Happy hacking,
--
"If a million people believe a foolish thing, it is still a foolish thing."
-- France's Rule of Folly
Saludos /\/\ /\ >< `/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://mail.kde.org/pipermail/release-team/attachments/20180505/da16ac3d/attachment.sig>
More information about the release-team
mailing list