Hi libical developers, libical maintainer and LTS team As part of the Debian Long Term Security team I have started to look into a few possible security related vulnerabilities. More details are available here: https://security-tracker.debian.org/tracker/source-package/libical
My problem is that each CVE refers to a bugzilla bug id and they are not public CVE-2016-5827 https://bugzilla.mozilla.org/show_bug.cgi?id=1281043 CVE-2016-5826 https://bugzilla.mozilla.org/show_bug.cgi?id=1281041 CVE-2016-5825 https://bugzilla.mozilla.org/show_bug.cgi?id=1280832 CVE-2016-5824 https://bugzilla.mozilla.org/show_bug.cgi?id=1275400 CVE-2016-5823 reserved, do you know anything about it? My question to you are whether any of you know who I should contact about these bugs? Or if I can get access to them? (my login is [email protected]) Or who I should contact for requesting access. Whether you know of any other security issues in libical (wheezy is using revision 0.48) Thanks a lot in advance! // Ola -- --- Inguza Technology AB --- MSc in Information Technology ---- / [email protected] Folkebogatan 26 \ | [email protected] 654 68 KARLSTAD | | http://inguza.com/ Mobile: +46 (0)70-332 1551 | \ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 / ---------------------------------------------------------------
