Bug#868580: closed by Simon McVittie <smcv at debian.org> (Re: Bug#868580: cairo: CVE-2017-9814)
Simon McVittie
smcv at debian.org
Tue Sep 28 21:47:31 BST 2021
On Tue, 28 Sep 2021 at 22:07:26 +0200, Salvatore Bonaccorso wrote:
> > This appears to have been fixed in 1.15.14, which means it's fixed in
> > buster and bullseye.
>
> I cannot check right now, but is this correct? The upstream issue
> https://gitlab.freedesktop.org/cairo/cairo/-/issues/264 seems to have
> been closed only very recently a few weeks ago, or where those only
> additional followups?
Those were additional followups, as far as I can tell. If they fixed
additional security issues in the same pattern, then those additional
security issues would need a separate CVE.
smcv
More information about the pkg-gnome-maintainers
mailing list