On 2/16/22 01:52 PM, jp charras wrote:

Le 16/02/2022 à 19:38, Steven A. Falco a écrit :
I found "Fix overflow vulnerability in Gerbview" and possibly "Fix relative return 
with nullptr condition".  Are there other patches in the series, or are those two the only 
ones that are needed?

I tried grepping the log for CVE, but didn't find much...


3 fixes are needed. This one is needed:

"Fix float scaling to use single fn"

I tried applying the patches to 5.1.12 but ran into rejects that I didn't feel 
comfortable to rework.

I'm asking on the Fedora list, and there is a way to request exceptions to the 
"Fedora major update policy".  I'll see where that leads.  Given that KiCad is 
planning to do annual major updates, I suspect this problem will keep coming up, so if I 
can get an exception to the policy, that would be best.


Mailing list: https://launchpad.net/~kicad-developers
Post to     : kicad-developers@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kicad-developers
More help   : https://help.launchpad.net/ListHelp

Reply via email to