[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add librsvg to dla-needed.txt


Am 11.02.2018 um 23:08 schrieb Santiago R.R.:
> El 11/02/18 a las 18:16, Markus Koschany escribió:
>> Markus Koschany pushed to branch master at Debian Security Tracker /
>> security-tracker
>> Commits:
>>   • f8aa9d3d
>>     by Markus Koschany at 2018-02-11T19:16:41+01:00
>>     Add librsvg to dla-needed.txt
> Hi Markus,
> The information I found about CVE-2018-1000041 is scarce. Do you have
> more details about why this CVE warrants a DLA?

I have added librsvg based on the information provided at:


Salvatore added a link to an upstream commit


which is supposedly the fix for CVE-2018-1000041. According to this
information the Wheezy version looks vulnerable to me because the
affected code is present. That was enough reason for me to add librsvg
to dla-needed.txt.



Attachment: signature.asc
Description: OpenPGP digital signature

Reply to: