[Secure-testing-team] Bug#751834: iodine: authentication bypass
Salvatore Bonaccorso
carnil at debian.org
Tue Jun 17 04:57:18 UTC 2014
Source: iodine
Version: 0.6.0~rc1-2
Severity: grave
Tags: security upstream patch fixed-upstream
Justification: user security hole
Hi Gregor,
There was a new upstream version for iodine released fixing an
authentication bypass vulnerability.
Upstream commit is at [1], but no CVE is yet assigned[2] so far.
[1] https://github.com/yarrick/iodine/commit/b715be5cf3978fbe589b03b09c9398d0d791f850
[2] http://www.openwall.com/lists/oss-security/2014/06/16/5
Regards,
Salvatore
More information about the Secure-testing-team
mailing list