[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#913702: libwpd: CVE-2018-19208

On Wed, Nov 14, 2018 at 09:50:19PM +0100, Salvatore Bonaccorso wrote:
> Hi Rene,
> 
> On Wed, Nov 14, 2018 at 09:22:04PM +0100, Rene Engelhard wrote:
> > Hi,
> > 
> > On Wed, Nov 14, 2018 at 08:19:05AM +0100, Salvatore Bonaccorso wrote:
> > > [2] https://src.fedoraproject.org/rpms/libwpd/blob/e42834b844f3282d8ccb0889abf1b33f3f71e02f/f/0001-Resolves-rhbz-1643752-bounds-check-m_currentTable-ac.patch
> > 
> > Will apply, thanks.
> 
> Thanks!
> 
> > > Please adjust the affected versions in the BTS as needed.
> > 
> > Assuming stable was affected, I assume it's the same as last time and
> > this should go over p-u and not -security (since "only" DOS)?
> 
> Yes defintively, we already marked it as 'no-dsa'. So agree it does
> not warrant a DSA and can be safely updates via p-u.

Yeah, it's hardly even a security issue, otherwise we'd have to
treat every LO crash a security bug :-)

Cheers,
        Moritz
Reply to: