[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#973963: RFS: libonig/6.9.6-1 -- regular expressions library

On Sun, Nov 08, 2020 at 07:02:27PM +0100, Jörg Frings-Fürst wrote:
> Hello Adrian,

Hi Jörg,

> CVE-2020-26159 was released following a review with Coverity. This resulted in
> 27 errors. One of them was a false positive.
> Which of the bugs led to the CVE report I cannot judge.
> The remaining bugs have been fixed in the meantime. I therefore believe that the
> CVE report can be closed.

apologies for the delay.

The CVE is now generally considered bogus, would it be OK for you if I 
upload your RFS with the changelog line
    - Fix CVE-2020-26159 (Closes: #972113).

> CU
> Jörg


Reply to: