[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[Pkg-xfce-devel] xfce4 stable update for CVE-2007-6351

On Wed, Jan 30, 2008 at 12:05:50AM +0000, Simon Huggins wrote:
> On Wed, Jan 30, 2008 at 12:58:08AM +0100, Nico Golde wrote:
> > the following CVE (Common Vulnerabilities & Exposures) ids were
> > published for xfce4 some time ago.
> for xfce4?  These concern libexif.  Did you paste the wrong CVEs?

> > CVE-2007-6351[0]:
> > | libexif 0.6.16 and earlier allows context-dependent attackers to cause
> [..]
> > CVE-2007-6352[1]:
> > | Integer overflow in libexif 0.6.16 and earlier allows

Ah, you meant to paste 6531 and 6532 I think.

We'll have a look at them.

Thanks.

-- 
 ,--huggie-at-earth-dot-li--------stuff-thing-stuff----------DF5CE2B4--.
_|    Think of me as CVS with a brain and with some taste. - Linus     |_
 |                              Torvalds                               |
 `-------------------- http://www.earth.li/~huggie/ -------------------'
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-xfce-devel/attachments/20080130/471ad24c/attachment.pgp
Reply to: