KVIrc in Debian not affected by CVE-2008-7070 (was: KVIrc 4.x not affected by CVE-2008-7070)

To: debian-security-tracker@lists.debian.org
Cc: Raúl Sánchez Siles <rasasi78@gmail.com>, Mark Purcell <msp@debian.org>
Subject: KVIrc in Debian not affected by CVE-2008-7070 (was: KVIrc 4.x not affected by CVE-2008-7070)
From: Kai Wasserbäch <debian@carbon-project.org>
Date: Sun, 10 Jan 2010 17:31:06 +0100
Message-id: <[🔎] 4B4A00CA.9090003@carbon-project.org>
In-reply-to: <[🔎] 4B49FBF7.7010309@carbon-project.org>
References: <[🔎] 4B49FBF7.7010309@carbon-project.org>

[Please CC me, when replying. CCing Raúl and Mark, please keep them in the loop
too.]

Dear Security Team members,
I just talked to an upstream core developer of KVIrc who was on board at the
time of this report and he told me, that this bug only affected Windows versions
in combination with IE. This is also - to some extent - documented at [0]f.

Therefore I kindly request to mark all versions in Debian as unaffected by this
bug/vulnerability.

Kind regards,
Kai Wasserbäch


[0] http://lists.omnikron.net/pipermail/kvirc/2008-November/000640.html



-- 

Kai Wasserbäch (Kai Wasserbaech)

E-Mail: debian@carbon-project.org
Jabber (debianforum.de): Drizzt
URL: http://wiki.debian.org/C%C3%B9ran
GnuPG: 0xE1DE59D2      0600 96CE F3C8 E733 E5B6 1587 A309 D76C E1DE 59D2
(http://pgpkeys.pca.dfn.de/pks/lookup?search=0xE1DE59D2&fingerprint=on&hash=on&op=vindex)

Attachment: signature.asc
Description: OpenPGP digital signature

Reply to:

References:
- KVIrc 4.x not affected by CVE-2008-7070
  - From: Kai Wasserbäch <debian@carbon-project.org>

Prev by Date: KVIrc 4.x not affected by CVE-2008-7070
Next by Date: mantis: doubt about fixing bug
Previous by thread: KVIrc 4.x not affected by CVE-2008-7070
Next by thread: mantis: doubt about fixing bug
Index(es):
- Date
- Thread