Michael Gilbert mgilb...@debian.org wrote:
The diff looks ok to me. Other distros did security announcements for
this, so it would be ok to do a DSA also. If you want, upload to
security-master and I'll handle the DSA, otherwise you should discuss
as a proposed update with the release team.
Moritz Muehlenhoff j...@inutil.org wrote:
On Fri, Mar 28, 2014 at 06:38:07PM -0400, Michael Gilbert wrote:
package: src:tiff
version: 3.9.4-5
severity: important
This issue is currently unfixed in the tiff packages:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4243
This wasn't
On Sat, Jun 21, 2014 at 6:32 PM, Jay Berkenbilt wrote:
I've finally had a chance to deal with this. The patch applies cleanly
with offsets to the versions in squeeze, wheezy, and sid, so I've
prepared packages for all three distributions. I'm attaching the debdiff
files here. Please let me
Michael Gilbert mgilb...@debian.org wrote:
On Sat, Jun 21, 2014 at 6:32 PM, Jay Berkenbilt wrote:
I've finally had a chance to deal with this. The patch applies cleanly
with offsets to the versions in squeeze, wheezy, and sid, so I've
prepared packages for all three distributions. I'm
The diff looks ok to me. Other distros did security announcements for
this, so it would be ok to do a DSA also. If you want, upload to
security-master and I'll handle the DSA, otherwise you should discuss
as a proposed update with the release team.
Okay, I've uploaded to security-master.
I
On Fri, Mar 28, 2014 at 06:38:07PM -0400, Michael Gilbert wrote:
package: src:tiff
version: 3.9.4-5
severity: important
This issue is currently unfixed in the tiff packages:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4243
This wasn't fixed in DSA 2744 since no patch was
package: src:tiff
version: 3.9.4-5
severity: important
This issue is currently unfixed in the tiff packages:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4243
No DSA needed since it only affects the gif2tiff command-line tool.
Best wishes,
Mike
--
To UNSUBSCRIBE, email to
7 matches
Mail list logo