Re: Re: libappimage lts update
Hi Scarlett,
On Mon, Jan 23, 2023 at 6:43 PM Scarlett Moore
<scarlett.gately.moore@gmail.com> wrote:
> It turns out the issue affects 0.4 or earlier. Buster has 0.9.1 which was
> completely rewritten C -> C++ and not affected. While I was looking forward to
> learning this process, I am happy libappimage is not vulnerable in Buster.
Are you sure? Because as I see it, buster has 0.1.9 (and not 0.9.1)
which is < 0.4. :)
> Now the question is how does one get this blemish removed or shown as fixed?
> https://security-tracker.debian.org/tracker/source-package/libappimage
I'll be happy to show you the next steps once we confirm whether or
not the package is really vulnerable. Let me know what you think. TIA.
- u
Reply to: