[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Security check of libical

Hi libical developers, libical maintainer and LTS team

As part of the Debian Long Term Security team I have started to look
into a few possible security related vulnerabilities.
More details are available here:

My problem is that each CVE refers to a bugzilla bug id and they are not public
CVE-2016-5827 https://bugzilla.mozilla.org/show_bug.cgi?id=1281043
CVE-2016-5826 https://bugzilla.mozilla.org/show_bug.cgi?id=1281041
CVE-2016-5825 https://bugzilla.mozilla.org/show_bug.cgi?id=1280832
CVE-2016-5824 https://bugzilla.mozilla.org/show_bug.cgi?id=1275400
CVE-2016-5823 reserved, do you know anything about it?

My question to you are whether any of you know who I should contact
about these bugs?
Or if I can get access to them? (my login is ola@inguza.com)
Or who I should contact for requesting access.
Whether you know of any other security issues in libical (wheezy is
using revision 0.48)

Thanks a lot in advance!

// Ola

 --- Inguza Technology AB --- MSc in Information Technology ----
/  ola@inguza.com                    Folkebogatan 26            \
|  opal@debian.org                   654 68 KARLSTAD            |
|  http://inguza.com/                Mobile: +46 (0)70-332 1551 |
\  gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9  /

Reply to: