Re: ibus/CVE-2019-14822/glibc

To: Brian May <bam@debian.org>, debian-lts@lists.debian.org
Subject: Re: ibus/CVE-2019-14822/glibc
From: Emilio Pozuelo Monfort <pochu@debian.org>
Date: Fri, 21 Feb 2020 11:09:33 +0100
Message-id: <[🔎] e26a7511-76e0-f166-c75c-41ecc0bd5f78@debian.org>
In-reply-to: <87o8uw3sxx.fsf@silverfish.pri>
References: <87k1741xt6.fsf@silverfish.pri> <87zhfwhm6s.fsf@silverfish.pri> <249f6fff-4f52-00a9-04e9-5092503894fc@debian.org> <87o8vh6rbl.fsf@silverfish.pri> <87lfql6pxo.fsf@silverfish.pri> <878smj7oyo.fsf@silverfish.pri> <a192ee5e-7a94-3403-8d1b-609950627612@debian.org> <87woa25v7l.fsf@silverfish.pri> <87o8vd5dsf.fsf@silverfish.pri> <87zheh4lz5.fsf@silverfish.pri> <87o8uw3sxx.fsf@silverfish.pri>

On 22/01/2020 07:29, Brian May wrote:
> Brian May <bam@debian.org> writes:
> 
>> commit 7cba800a84730c9c5843acdd775e42b8c1438edf (HEAD)
>> Author: Alexander Larsson <alexl@redhat.com>
>> Date:   Mon Jun 1 10:02:47 2015 +0200
> 
> This patch decreases the number of errors from 1 to 52.

Thanks for the investigation Brian. However after some thinking, given the
current issues and the risk of regressions, and that this bug requires a
somewhat unusual setup to exploit, I've decided to mark it as ignored.

Cheers,
Emilio

Reply to:

Prev by Date: Re: (semi-)automatic unclaim of packages with more than 2 weeks of inactivity (and missing DLAs on www.do)
Next by Date: Re: Bug#931376: debian-security-support: mention nodejs is not for untrusted content
Previous by thread: Re: phppgadmin / CVE-2019-10784
Next by thread: Is it okay to bump dh-compat?
Index(es):
- Date
- Thread