Re: Re: libappimage lts update

To: sgmoore@debian.org
Cc: debian-lts@lists.debian.org
Subject: Re: Re: libappimage lts update
From: Utkarsh Gupta <guptautkarsh2102@gmail.com>
Date: Mon, 23 Jan 2023 22:16:50 +0530
Message-id: <[🔎] CAPP0f97JzzkZ5sahitQn=F1k_YJk6yaYKkp2KSUVgMNcA12sJg@mail.gmail.com>
In-reply-to: <[🔎] 5644368.DvuYhMxLoT@scarlett-inspiron1676202in1>
References: <[🔎] CALF6qJmbBmx8cWN1NQiTt84uGnW5NPYQP3=QK5MoKzXyyQT8pw@mail.gmail.com> <[🔎] 5644368.DvuYhMxLoT@scarlett-inspiron1676202in1>

Hi Scarlett,

On Mon, Jan 23, 2023 at 6:43 PM Scarlett Moore
<scarlett.gately.moore@gmail.com> wrote:
> It turns out the issue affects 0.4 or earlier. Buster has 0.9.1 which was
> completely rewritten C -> C++ and not affected. While I was looking forward to
> learning this process, I am happy libappimage is not vulnerable in Buster.

Are you sure? Because as I see it, buster has 0.1.9 (and not 0.9.1)
which is < 0.4. :)

> Now the question is how does one get this blemish removed or shown as fixed?
> https://security-tracker.debian.org/tracker/source-package/libappimage

I'll be happy to show you the next steps once we confirm whether or
not the package is really vulnerable. Let me know what you think. TIA.

- u

Reply to:

Follow-Ups:
- Re: Re: libappimage lts update
  - From: Scarlett Moore <scarlett.gately.moore@gmail.com>

References:
- Re: libappimage lts update
  - From: Anton Gladky <gladk@debian.org>
- Re: Re: libappimage lts update
  - From: Scarlett Moore <scarlett.gately.moore@gmail.com>

Prev by Date: Re: Re: libappimage lts update
Next by Date: Re: Re: libappimage lts update
Previous by thread: Re: Re: libappimage lts update
Next by thread: Re: Re: libappimage lts update
Index(es):
- Date
- Thread