[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Security issues in libpodofo. Request for advice.

Hi :)

On Mon, May 01, 2017 at 10:18:47PM +0200, Ola Lundqvist wrote:
> Adding the maintainer to this thread. :-)

uh, is my input needed anywhere?  I could not find anything specific.
(+ the top posting is awful)

> On 1 May 2017 at 22:13, Ola Lundqvist <ola@inguza.com> wrote:
> > I have now looked through the CVEs for libpodofo and found that all
> > remaining issues in wheezy except one are of the DoS class.
> > This leaves me to think that we should mark all of them (with the
> > exception of one) as a no-dsa minor issue.
> >
> > Anyone disagree?

I totally agree with you, which is also the reason why I downgraded the
bug the security team filed from grave to important, but apparently they
disagree with me, given they rised it again…

                        Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540      .''`.
more about me:  https://mapreri.org                             : :'  :
Launchpad user: https://launchpad.net/~mapreri                  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-

Attachment: signature.asc
Description: PGP signature

Reply to: