> This is the potrace 0.14 diff, which supposedly resolves CVE-2016-8685
> and CVE-2016-8686 (which was previously described as not a bug in
> Unfortunately, it is somewhat large...
It looks like most of the changes are not related to the CVEs.
And the part fixing CVE-2016-8685 is identical to the patch that was
already used in stretch (which is buggy in wheezy).
Hugo Lefeuvre (hle) | www.owl.eu.com
4096/ ACB7 B67F 197F 9B32 1533 431C AC90 AC3E C524 065E
- From: Brian May <firstname.lastname@example.org>