[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#885619: jessie-pu: package libextractor/1:1.3-2

Control: tags -1 -moreinfo +confirmed

On Mon, 2018-06-11 at 22:07 +0200, Bertrand Marc wrote:
> Le 08/06/2018 à 22:24, Adam D. Barratt a écrit :
> > Control: tags -1 + moreinfo
> > 
> > On Thu, 2017-12-28 at 17:32 +0100, Bertrand Marc wrote:
> > > Would you allow an update of libextractor 1.3-2 in Jessie to fix
> > > several minor security issues?
> > > 7 issues skipped by the security teams:
> > > 
> > 
> > [...]
> > >    * CVE-2017-15600 <https://security-tracker.debian.org/tracker/
> > > CVE-
> > > 2017-15600>: In GNU Libextractor 1.4, there is a NULL Pointer
> > > Dereference in the
> > >      EXTRACTOR_nsf_extract_method function of
> > > plugins/nsf_extractor.c.
> > > 
> > 
> > I assume the same issue that Julien raised for the stretch package
> > applies here.
> > 
> > Regards,
> > 
> > Adam
> 
> Indeed. The attached patch would fix the issue.

Thanks. Please go ahead.

Regards,

Adam
Reply to: