Re: libxfont1 issues should not show up in the latently vulnerable packages list
On Sat, May 3, 2008 at 19:52:28 -0400, Michael Gilbert wrote:
> it appears that the recent libxfont1 issues (CVE-2007-5760,
> CVE-2007-5958, CVE-2007-6427, CVE-2007-6428, and CVE-2007-6429) never
> affected sid (they were applicable only to sarge and etch [1]).
They were applicable to sid too, but have nothing to do with libXfont,
they are bugs in the X server. CVE-2008-0006 was fixed at the same
time, and actually affected libXfont.
Cheers,
Julien
Reply to: