Bug#929597: [PATCH] CVE-2019-12211: heap buffer overflow via memcpy
Hugo Lefeuvre
hle at debian.org
Sat Nov 23 09:25:06 GMT 2019
Hi,
Upstream seems to have merged my patch along with some more changes
regarding CVE-2019-12213[0].
I am planning to take a look at this patch and release a DLA for jessie.
The security team is also planning to release a DSA for stretch and buster.
I am already working on a jessie upload, so I should also be able to handle
stretch and buster. Anton, you know this package better than me, would you
be available to test the update?
thanks!
regards,
Hugo
[0] https://sourceforge.net/p/freeimage/svn/1825/
--
Hugo Lefeuvre (hle) | www.owl.eu.com
RSA4096_ 360B 03B3 BF27 4F4D 7A3F D5E8 14AA 1EB8 A247 3DFD
ed25519_ 37B2 6D38 0B25 B8A2 6B9F 3A65 A36F 5357 5F2D DC4C
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/debian-science-maintainers/attachments/20191123/a9e69f76/attachment.sig>
More information about the debian-science-maintainers
mailing list