This is already public and has not yet a CVE assigned to it. I'm making this ticket public. For more information: https://www.mail-archive.com/[email protected]/msg69244.html And what seems to be the fix: http://www.git.cypherpunks.su/?p=nncp.git;a=commit;h=f2df8e3ea21ae25be03fd4dc87a284cc44619dc4
Since the package referred to in this bug is in universe or multiverse, it is community maintained. If you are able, I suggest coordinating with upstream and posting a debdiff for this issue. When a debdiff is available, members of the security team will review it and publish the package. See the following link for more information: https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures ** Information type changed from Private Security to Public Security ** Changed in: nncp (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2125206 Title: Upgrade to new release of nntp To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nncp/+bug/2125206/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
