Hi Alois,
Am Tue, Dec 02, 2025 at 01:45:25PM +0100 schrieb Alois Schlögl:
> release v3.9.1 addresses are number of the reported CVE but not all.
> Some MFER parsing issues are only addressed at some later commits.
> The other CVE's (related to GDF, NEX, ABF, RHS2000, BrainVision) are
> addressed by v3.9.1.
Thank you for the confirmation.
> I've planning to release 3.9.2 within the next 5 weeks, this will fix the
> other known security issues as well as a number of other bugs.
> Again, the ABI will not change. If 5 weeks is to much, I can check whether I
> can push this forward.
I personally have no pressure, just stumbled upon a bug that could / should
be fixed with the effort of a simple upgrade to latest upstream.
Just ping on the Debian Med list + this bug once you have released the
next version and whether it might fix this bug.
Kind regards
Andreas.
--
https://fam-tille.de
