Bug 18697

Summary: sogo several new security issues (CVE-2016-618[89], CVE-2016-619[01], CVE-2014-9905)
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: Dimitri Jakov <mitya>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal    
Version: Cauldron   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Source RPM: sogo-2.3.1-3.mga6.src.rpm CVE:
Status comment:

Description David Walser 2016-06-13 14:23:34 CEST 
CVEs have been requested for several security issues in SOGo:
http://openwall.com/lists/oss-security/2016/06/13/2
Comment 1 David Walser 2016-07-08 15:59:58 CEST 
Sounds like at least some of the issues have been fixed upstream now:
http://openwall.com/lists/oss-security/2016/07/08/2
Comment 2 David Walser 2016-07-09 20:22:43 CEST 
CVEs have been assigned, commits to fix them have been linked:
http://openwall.com/lists/oss-security/2016/07/09/3

Summary: sogo several new security issues => sogo several new security issues (CVE-2016-618[89], CVE-2016-619[01], CVE-2014-9905)

Comment 3 David Walser 2016-10-04 14:34:26 CEST 
sogo 3.2.0 has been released:
https://sogo.nu/news/2016/article/sogo-v320-released.html

Please update or drop this package.
Comment 4 Nicolas Lécureuil 2017-04-26 08:59:38 CEST 
Fixed in cauldron

Resolution: (none) => FIXED
Status: NEW => RESOLVED
Assignee: mageia => mitya