[Bug 231733] CVE-2007-1267: sylpheed <= 2.2.7 message forgery vulnerability
bugzilla at redhat.com
bugzilla at redhat.com
Sat Mar 10 23:28:00 UTC 2007
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
Summary: CVE-2007-1267: sylpheed <= 2.2.7 message forgery vulnerability
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=231733
bugs.michael at gmx.net changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |CLOSED
Resolution| |NOTABUG
------- Additional Comments From bugs.michael at gmx.net 2007-03-10 18:27 EST -------
Sylpheed uses GPGME, and GPGME 1.1.4 in FE6+ fixes the vulnerability:
http://lists.gnupg.org/pipermail/gnupg-announce/2007q1/000251.html
FE5 includes a patched version of GPGME 1.1.2
(gpgme-1.1.3-multiple-message.patch).
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
More information about the Fedora-security-list
mailing list