Bug #9622
CVE-2014-7203
0%
Description
This is the tracker bug for: https://bugzilla.redhat.com/show_bug.cgi?id=1147315
- This doesn't seem to effect ICE 1.2 (Need confirmation)
- This may effect ICE 1.3 (Unreleased)
Upstream commit here:
https://github.com/steamraven/libzmq/commit/0900a489213d74feb86fc0b343308fe7884a2a3c
From: http://www.inktank.com/enterprise/support/
Security Updates
Throughout the support lifecycle, qualified security issues of Critical or Important impact, as well as select mission-critical bugs, will be addressed by updated packages. For more information on how the impact of security issues is assessed, please read Issue Severity Classification on access.redhat.com. - See more at: http://www.inktank.com/enterprise/support/#sthash.9P6Uxs2W.dpuf
This issue does not fit the critical or imporant category under the current CVSS2 score, however if it can be picked up in the any spare cycles it would definitely be worth fixing.
I apologise in advance if the budge is lodged incorrectly.
History
#1 Updated by Dan Mick over 9 years ago
- Category set to Backend (services)
- Status changed from New to 12
- Assignee set to Dan Mick
- Target version set to 1.3 backlog
- Source changed from other to Community (dev)
When zeromq3-x stabilizes upstream, we'll make sure this is in it, and get distro packages built one way or another.
#2 Updated by Dan Mick over 9 years ago
This code is not included in 3.x, so this strengthens my resolve to downgrade
#3 Updated by Dan Mick over 9 years ago
Confident these don't affect currently shipping code.
#4 Updated by Dan Mick over 9 years ago
- Status changed from 12 to Can't reproduce
Confident this doesn't affect current code.
#5 Updated by Wade Mealing over 9 years ago
Thanks for your confirmation Dan :)