Bug#932755: sdl-image1.2: multiple security issues

2019-08-08 Thread Hugo Lefeuvre
Hi Felix,

> > Concerning testing: can I upload the NMU?
>
> Sure, please go ahead!

thanks! I have uploaded the NMU, with some very small changes: I have added a patch for CVE-2019-5058, which addresses issues in a previously uploaded patch for CVE-2018-3977 (via 1.2.12-10).

cheers,
Hugo
--

Bug#932755: sdl-image1.2: multiple security issues

2019-08-05 Thread Hugo Lefeuvre
Hi Salvatore,

> FTR, there are new CVEs which appeared for TALOS-2019-0841,
> TALOS-2019-0842, TALOS-2019-0843 and TALOS-2019-0844.
>
> It is unfortunate that Cisco Talos project is a bit intransparent on
> referencing the respective upstream fixes after disclosure :(

Thanks for the information.

Bug#932755: sdl-image1.2: multiple security issues

2019-08-04 Thread Salvatore Bonaccorso
Hi

FTR, there are new CVEs which appeared for TALOS-2019-0841, TALOS-2019-0842, TALOS-2019-0843 and TALOS-2019-0844.

It is unfortunate that Cisco Talos project is a bit intransparent on referencing the respective upstream fixes after disclosure :(

Regards,
Salvatore

Bug#932755: sdl-image1.2: multiple security issues

2019-07-27 Thread Felix Geyer
Hi Hugo,

On 27.07.19 19:39, Hugo Lefeuvre wrote:
> Dear SDL packages maintainers,
>
> I have uploaded the jessie LTS update. I will coordinate with the security team for stretch and buster fixes via point release.
>
> Concerning testing: can I upload the NMU?

Sure, please go ahead!

Cheers,
Felix

Bug#932755: sdl-image1.2: multiple security issues

2019-07-27 Thread Hugo Lefeuvre
Dear SDL packages maintainers,

I have uploaded the jessie LTS update. I will coordinate with the security team for stretch and buster fixes via point release.

Concerning testing: can I upload the NMU?

cheers,
Hugo
--
Hugo Lefeuvre (hle)|www.owl.eu.com RSA4096_ 360B

Bug#932755: sdl-image1.2: multiple security issues

2019-07-22 Thread Hugo Lefeuvre
Source: sdl-image1.2
Version: 1.2.12-10
Severity: important
Tags: security upstream

Hi,

the following security issues[0] were published for sdl-image1.2:

* CVE-2019-5052: integer overflow and subsequent buffer overflow in IMG_pcx.c.
* CVE-2019-5051: heap-based buffer overflow in IMG_pcx.c.
*