[Debian-astro-maintainers] Bug#892458: Fwd: ftools update
Salvatore Bonaccorso
carnil at debian.org
Mon Apr 16 21:40:02 BST 2018
Hi Sam,
On Mon, Apr 09, 2018 at 10:19:34AM +1000, Sam Fowler wrote:
> On Wed, 14 Mar 2018 16:22:19 +0100 Ole Streicher <olebole at debian.org> wrote:
> > FYI
> >
> >
> > -------- Forwarded Message --------
> > Subject: [Debian-astro-maintainers] ftools update
> > Date: Wed, 14 Mar 2018 10:42:25 -0400
> > From: Michael Arida <Michael.Arida at nasa.gov>
> > To: debian-astro-maintainers at lists.alioth.debian.org
> >
> >
> > Dear Debian Astro Maintainers,
> >
> > As you may have noticed CFITSIO was updated Friday (March 2) for a
> > major bug fix. Since you have a software bundle that uses what we
> > assume is CFITSIO somewhere under the hood, we wanted to let you know
> > that you should update that code. We are also expecting another
> > update in April.
> >
> > If you have any questions or concerns, feel free to contact me.
> >
> > Regards,
> > Mike Arida
> > ____________________________________________________________
> > Michael Arida (ADNET) ASD/HEASARC
> > 301.286.2291/1215 (voice/fax) Code 660, NASA/GSFC
> > michael.arida at nasa.gov Greenbelt, MD 20771
> >
> > _______________________________________________
> > Debian-astro-maintainers mailing list
> > Debian-astro-maintainers at lists.alioth.debian.org
> > https://lists.alioth.debian.org/mailman/listinfo/debian-astro-maintainers
>
> This has been assigned has been assigned CVE-2018-1000166.
Looking at
https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0531
https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0529
it looks for those issues already CVE-2018-3848, CVE-2018-3849 and
CVE-2018-3846 were assigned and CVE-2018-1000166 is duplicate. Can you
confirm? And if so ask for rejection of CVE-2018-1000166?
Regards,
Salvatore
More information about the Debian-astro-maintainers
mailing list