Re: imagemagick

To: Brian May <bam@debian.org>
Cc: team@security.debian.org, debian-lts@lists.debian.org
Subject: Re: imagemagick
From: Sébastien Delafond <seb@debian.org>
Date: Fri, 12 Feb 2016 08:34:39 +0100
Message-id: <[🔎] 20160212073439.GL27151@frisco.mine.nu>
In-reply-to: <[🔎] 8737syrfuv.fsf@prune.linuxpenguins.xyz>
References: <87mvrs6a9l.fsf@prune.linuxpenguins.xyz> <[🔎] 87y4aus98s.fsf@prune.linuxpenguins.xyz> <[🔎] 874mdgrrwv.fsf@prune.linuxpenguins.xyz> <[🔎] 20160211130151.GH27151@frisco.mine.nu> <[🔎] 8737syrfuv.fsf@prune.linuxpenguins.xyz>

On Feb/12, Brian May wrote:
> >   - imagemagick in squeeze appears to only be vulnerable
> >     TEMP-0811308-B63DA1[0].
> 
> This is five separate issues. See #811308. So does it make sense to ask
> for a separate CVE for each issue?

"Having a CVE associated to each security issue is definitely a plus, at
the very least for those issues serious enough to be fixed via a
DSA/DLA" stills stands :)

Cheers,

--Seb

Reply to:

References:
- Re: imagemagick
  - From: Brian May <bam@debian.org>
- Re: imagemagick
  - From: Brian May <bam@debian.org>
- Re: imagemagick
  - From: Sébastien Delafond <seb@debian.org>
- Re: imagemagick
  - From: Brian May <bam@debian.org>

Prev by Date: Re: Preparing to announce Squeeze LTS end-of-life
Next by Date: Re: Accepted eglibc 2.11.3-4+deb6u10 (source all amd64) into squeeze-lts
Previous by thread: Re: imagemagick
Next by thread: Re: imagemagick
Index(es):
- Date
- Thread