[OTR-dev] otrl_base64_otr_decode() function...

Ian Goldberg ian at cypherpunks.ca
Fri Jul 27 11:18:25 EDT 2012


On Fri, Jul 27, 2012 at 06:21:48AM -0400, Justin Ferguson wrote:
> While, I personally, don't feel an advisory is warranted, it seems
> like if at least a CVE is not obtained that the vendors themselves are
> lackadaisical about upgrading their packages, as such and due to the
> fact that the original posting was obscure, the following 'advisory'
> is included. There is no further actionable information from the
> viewpoint of the OTR developers, this is strictly for reference by
> Mitre et al.

If packagers want to incorporate the fix into libotr 3.2.0 before the
next release, they should pull from the 3.2_dev branch on git.  (From
tag release_3_2_0 to the 3.2_dev head.)

http://otr.git.sourceforge.net/git/gitweb.cgi?p=otr/libotr;a=log;h=refs/heads/3.2_dev

Thanks,

   - Ian



More information about the OTR-dev mailing list