On 23 October 2010 04:11, Silvio Cesare <silvio.ces...@gmail.com> wrote: > Centerim also embeds expat in libjabber. expat does xml parsing. I have > confirmed that the fix for cve-2009-3720 has not been applied to the > centerim sources. There is another associated expat vulnerability that might > be present also but I have not investigated. They are both denial of > services.Not sure how these would be triggered. >
cve-2009-3720 is fixed in trunk now. If you find another vulnerability, please let me know cheers Boris "transacid" Petersen -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
