Hi Salvatore, > When the CVE first appeared it was not yet clear where exactly the > vulnerabilities lie, thus we kept the TODO as per > > TODO: check details and correct vulnerability location > > Now that you apparently found the root cause and followed up upstream > in the bugzilla, right thing would be to replace the source package > tracking entries to the correct source. > So basically replace tracking of slibsdl2 and libsdl1.2 with > libsdl2-image and sdl-image1.2 instead. I see that you already did it, thanks! :) cheers, Hugo -- Hugo Lefeuvre (hle) | www.owl.eu.com RSA4096_ 360B 03B3 BF27 4F4D 7A3F D5E8 14AA 1EB8 A247 3DFD ed25519_ 37B2 6D38 0B25 B8A2 6B9F 3A65 A36F 5357 5F2D DC4C
Attachment:
signature.asc
Description: PGP signature