Re: [Pkg-xfce-devel] xfce4 stable update for CVE-2007-6351

To: debian-release@lists.debian.org
Cc: Debian Xfce Maintainers <pkg-xfce-devel@lists.alioth.debian.org>
Subject: Re: [Pkg-xfce-devel] xfce4 stable update for CVE-2007-6351
From: Simon Huggins <huggie@earth.li>
Date: Wed, 30 Jan 2008 00:05:50 +0000
Message-id: <[🔎] 20080130000550.GU7788@paranoidfreak.co.uk>
Mail-followup-to: debian-release@lists.debian.org, Debian Xfce Maintainers <pkg-xfce-devel@lists.alioth.debian.org>
In-reply-to: <20080129235808.GA12993@ngolde.de>
References: <20080129235808.GA12993@ngolde.de>

On Wed, Jan 30, 2008 at 12:58:08AM +0100, Nico Golde wrote:
> the following CVE (Common Vulnerabilities & Exposures) ids were
> published for xfce4 some time ago.

for xfce4?  These concern libexif.  Did you paste the wrong CVEs?

> CVE-2007-6351[0]:
> | libexif 0.6.16 and earlier allows context-dependent attackers to cause
[..]
> CVE-2007-6352[1]:
> | Integer overflow in libexif 0.6.16 and earlier allows

-- 
----------(  In most countries selling harmful things like   )----------
----------(  drugs is punishable. How come then that people  )----------
Simon ----(    sell Microsoft software and go unpunished?    )---- Nomis
                             Htag.pl 0.0.22

Attachment: signature.asc
Description: Digital signature

Reply to:

Follow-Ups:
- Re: [Pkg-xfce-devel] xfce4 stable update for CVE-2007-6351
  - From: Simon Huggins <huggie@earth.li>

Prev by Date: Re: [Pkg-xfce-devel] xfce4 stable update for CVE-2007-6351
Next by Date: Re: New release goal: using su-to-root instead of *su in desktop/menu files
Previous by thread: KDE stable proposed update
Next by thread: Re: [Pkg-xfce-devel] xfce4 stable update for CVE-2007-6351
Index(es):
- Date
- Thread