Source: iodine Version: 0.6.0~rc1-2 Severity: grave Tags: security upstream patch fixed-upstream Justification: user security hole
Hi Gregor, There was a new upstream version for iodine released fixing an authentication bypass vulnerability. Upstream commit is at [1], but no CVE is yet assigned[2] so far. [1] https://github.com/yarrick/iodine/commit/b715be5cf3978fbe589b03b09c9398d0d791f850 [2] http://www.openwall.com/lists/oss-security/2014/06/16/5 Regards, Salvatore _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-team
