Justification for SRU: This bug affects 371 users and has a bug heat of 1860. It is also a potential security issue. As per above comments, security team has agreed to let this bug fixed according to the SRU process.
Upstream has accepted temugen's patch and papyon 0.4.4-1ubuntu1 in lucid includes this patch.
TEST CASE: As per comment #36, this bug can be reproduced by sending a malformed SHA1C value via an msn_object avatar, for example by modifying papyon to the following: http://pastebin.ubuntu.com/390204/
This patch is already in new upstream version and working fine on lucid. Regresion potential is low
Justification for SRU: This bug affects 371 users and has a bug heat of 1860. It is also a potential security issue. As per above comments, security team has agreed to let this bug fixed according to the SRU process.
Upstream has accepted temugen's patch and papyon 0.4.4-1ubuntu1 in lucid includes this patch.
TEST CASE: As per comment #36, this bug can be reproduced by sending a malformed SHA1C value via an msn_object avatar, for example by modifying papyon to the following: http:// pastebin. ubuntu. com/390204/
This patch is already in new upstream version and working fine on lucid. Regresion potential is low