There is two open vulnerabilities in libpng 1.2.27-2+lenny4 as you can see from:
http://security-tracker.debian.org/tracker/source-package/libpng The issues I am concerned about are CVE-2006-7244 and CVE-2009-5063. Notes of the issues are: "package libpng is vulnerable; however, the security impact is unimportant.", but I think these aren't unimportant as you can see from here: http://www.openwall.com/lists/oss-security/2011/03/22/7 http://www.openwall.com/lists/oss-security/2011/03/28/6 Is there a plan to fix these issues? Should I create a bug-report? Best regards, Henri Salo -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
