Bug 18951

Summary: qpid-proton-java new security issue CVE-2016-4467
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: Pascal Terjan <pterjan>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: geiger.david68210, mageia
Version: Cauldron   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Source RPM: qpid-proton-java-0.12.0-1.mga6.src.rpm CVE: CVE-2016-4467
Status comment:

Description David Walser 2016-07-15 13:31:57 CEST 
Upstream has issued an advisory today (July 15):
http://openwall.com/lists/oss-security/2016/07/15/3

The issue is fixed in 0.13.1.

Mageia 5 is not affected.
David Walser 2016-07-15 13:32:09 CEST

CC: (none) => geiger.david68210, mageia

Nicolas Lécureuil 2017-05-01 22:29:41 CEST

CVE: (none) => CVE-2016-4467

Comment 1 Nicolas Lécureuil 2017-05-01 22:34:47 CEST 
Fixed in cauldron

Status: NEW => RESOLVED
Resolution: (none) => FIXED