Am Freitag, 24. August 2012, 10:19:45 schrieben Sie: > Control: tags -1 + moreinfo > > On Fri, 2012-08-24 at 08:47 +0200, Cajus Pollmeier wrote: > > Please unblock package qpid-cpp > > > > This upload fixes a security problem inside of qpid client handlings > > (CVE-2012-3467). Please see > > > > http://www.openwall.com/lists/oss-security/2012/08/09/6 > > +--- a/src/qpid/broker/SaslAuthenticator.h > ++++ b/src/qpid/broker/SaslAuthenticator.h > +@@ -54,7 +54,7 @@ > + static void init(const std::string& saslName, std::string const & > saslConfigPath ); + static void fini(void); > + > +- static std::auto_ptr<SaslAuthenticator> > createAuthenticator(Connection& connection, bool isShadow); ++ static > std::auto_ptr<SaslAuthenticator> createAuthenticator(Connection& > connection); > > createAuthenticator() is a public symbol of libqpidbroker, which is > shipped as a public library in /usr/lib. That means the library has > changed ABI without changing SONAME afaics. libqpidbroker is only used by the qpid broker itself. There's nothing in testing that uses the broker library - besides the broker itself. Unstable has the qpidd-msgstore module that makes use of that library. I'm not sure if and how I can simply change the SONAME for the broker. And if there's a need for that in this case. Any hints?
Attachment:
signature.asc
Description: This is a digitally signed message part.