There is no upstream fix still available. I am planning to decrease the severity of the ticket to normal and track it as a simple security issue.
Anton Am Mo., 27. Mai 2019 um 23:01 Uhr schrieb Anton Gladky <gl...@debian.org>: > > CVE-2019-12214 does not affect buster and stretch. > Jessie should be double checked because an older > version is used there. > > Anton > > Am So., 26. Mai 2019 um 22:01 Uhr schrieb Anton Gladky <gl...@debian.org>: > > > > Hi Moritz, > > > > thanks for the reporting. As far as I see, there is still > > no available fix from upstream. > > > > Cheers > > > > Anton > > > > Am So., 26. Mai 2019 um 21:27 Uhr schrieb Moritz Muehlenhoff > > <j...@debian.org>: > > > > > > Source: freeimage > > > Severity: grave > > > Tags: security > > > > > > Please see > > > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12211 > > > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12212 > > > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12213 > > > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12214 > > > > > > Cheers, > > > Moritz > > > > > > -- > > > debian-science-maintainers mailing list > > > debian-science-maintain...@alioth-lists.debian.net > > > https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-science-maintainers