Bug#998902: Reopening: bullseye-pu: package htmldoc/1.9.11-4
Control: tags -1 + confirmed
On Mon, 2021-11-15 at 17:56 +0100, Håvard Flaget Aasen wrote:
> Control: reopen 998902
>
> On Sat, 13 Nov 2021 00:17:02 +0100
> =?UTF-8?Q?H=C3=A5vard_Flaget_Aasen?= <haavard_aasen@yahoo.no> wrote:
> > CVE-2021-40985 has now been marked as unimportant, I'm therefore
> > closing this bug, since the CVE was the sole purpose of the update.
> >
> > Regards,
> > Håvard
> >
> >
> After some information in [1] I'm reopening this.
>
> All the previous information still holds true, but the proposed
> update
> has been expanded to include a fix for both CVE-2021-40985 and
> CVE-2021-43579.
> The upstream release fixing these issues has migrated to testing
> (1.9.13) and I have verified that the patches indeed prevent
> buffer-overflow in bullseye.
>
Please go ahead.
Regards,
Adam
Reply to: