[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Wheezy update of jbig2dec?

Hi Chris,

Le vendredi, 6 janvier 2017, 06.28:58 h CET Chris Lamb a écrit :
> the Debian LTS team would like to fix the security issues which are
> currently open in the Wheezy version of jbig2dec:
> https://security-tracker.debian.org/tracker/source-package/jbig2dec
> Would you like to take care of this yourself?

If you are referring to [CVE-2016-9601], it seems quite premature to fix this 
in Wheezy, as according to [GS:697457], there is currently no upstream fix 
available (so all our releases are apparently affected).

I am not going to write a fix for that myself, at least, but feel free to 
coordinate this with upstream!


[CVE-2016-9601] https://security-tracker.debian.org/tracker/CVE-2016-9601
[GS:697457] https://bugs.ghostscript.com/show_bug.cgi?id=697457

Attachment: signature.asc
Description: This is a digitally signed message part.

Reply to: