mailing list archives
Re: CVE request for bitlebee
From: Kurt Seifried <kseifried () redhat com>
Date: Mon, 19 Mar 2012 12:13:25 -0600
On 03/19/2012 04:34 AM, David Black wrote:
A few months ago it was reported that Bitlbee did not drop extra
groups(in unix.c) that the process launching it had.
There hasn't been a CVE assigned to this issue, so I thought I would
follow up and request one.
The original report can be found at
http://bugs.bitlbee.org/bitlbee/ticket/852 and it was fixed in
Please use CVE-2012-1187 for this issue.
Kurt Seifried Red Hat Security Response Team (SRT)