Bug#876001: libwpd: CVE-2017-14226

To: Salvatore Bonaccorso <carnil@debian.org>, 876001@bugs.debian.org
Cc: team@security.debian.org
Subject: Bug#876001: libwpd: CVE-2017-14226
From: Rene Engelhard <rene@debian.org>
Date: Sun, 17 Sep 2017 14:54:12 +0200
Message-id: <[🔎] 20170917125412.GC10116@rene-engelhard.de>
Reply-to: Rene Engelhard <rene@debian.org>, 876001@bugs.debian.org
In-reply-to: <[🔎] 20170917115920.GA10116@rene-engelhard.de>
References: <[🔎] 150563802622.19433.2255460576917032537.reportbug@eldamar.local> <[🔎] 20170917115920.GA10116@rene-engelhard.de> <[🔎] 150563802622.19433.2255460576917032537.reportbug@eldamar.local>

Hi again,

On Sun, Sep 17, 2017 at 01:59:20PM +0200, Rene Engelhard wrote:
> On Sun, Sep 17, 2017 at 10:47:06AM +0200, Salvatore Bonaccorso wrote:
> > Source: libwpd
> > Version: 0.10.1-5
> > Severity: important
> > Tags: patch security upstream
> > Forwarded: https://sourceforge.net/p/libwpd/tickets/14/
> > 
> > Hi,
> > 
> > the following vulnerability was published for libwpd.
> >
> > CVE-2017-14226[0]:
> [...]
> 
> fixed in 0.10.2-1 for sid. Want this fixed as DSAs for jessie/stretch?

Ah, nevermind. I should have looked at the security tracker :):

[stretch] - libwpd <no-dsa> (Minor issue)
[jessie] - libwpd <no-dsa> (Minor issue)

OK.

It's in git now, for a possible later fix we can include this, too.

Regards,
 
Rene

Reply to:

Follow-Ups:
- Bug#876001: libwpd: CVE-2017-14226
  - From: Salvatore Bonaccorso <carnil@debian.org>

References:
- Bug#876001: libwpd: CVE-2017-14226
  - From: Salvatore Bonaccorso <carnil@debian.org>
- Bug#876001: libwpd: CVE-2017-14226
  - From: Rene Engelhard <rene@debian.org>

Prev by Date: Bug#876001: libwpd: CVE-2017-14226
Next by Date: Bug#876001: libwpd: CVE-2017-14226
Previous by thread: Bug#876001: libwpd: CVE-2017-14226
Next by thread: Bug#876001: libwpd: CVE-2017-14226
Index(es):
- Date
- Thread