[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#946184: buster-pu: package fig2dev/1:3.2.7a-5+deb10u2

Control: tags -1 - moreinfo

Hi Adam,

On Wed, Dec 04, 2019 at 10:04:04PM +0000, Adam D. Barratt wrote:
> Control: tags -1 + moreinfo
> 
> On Wed, 2019-12-04 at 22:50 +0100, Roland Rosenfeld wrote:
> > This fixes CVE-2019-19555 in buster.  Since this is tagged
> > "unimportant" by the security team on
> > https://security-tracker.debian.org/tracker/CVE-2019-19555 they won't
> > publish a DSA, so I tend to send this into the next point release of
> > buster.
> 
> The Security Tracker and BTS suggest this issue is not yet resolved in
> unstable - is that correct?

The package has been uploaded to unstable, but it's only just not yet
installed and the tracker data thus knowing the version. Cf.

https://tracker.debian.org/news/1084412/accepted-fig2dev-1327b-2-source-into-unstable/
and
https://salsa.debian.org/security-tracker-team/security-tracker/commit/08d5562d87450a464efa5fbecaa792a38bee6123

Regards,
Salvatore
Reply to: