Hi, Since the Fedora Extras security SIG does not exist yet I'll do a maintainers post. As the FE zoo maintainer I've applied the security patch suggested on https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=183109 I'm not sure the security analysis here is right, but since the patch seems harmless and zoo is exposed to external input via mail filters such as amavisd-new I preferred to err on the side of caution. If some people could review the alert and the patch I'd be grateful. To my knowledge other distributions have not acted on the alert yet (it's been published on many security lists in the last days). Regards, -- Nicolas Mailhot
Attachment:
signature.asc
Description: Ceci est une partie de message =?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e?=
