Bug#929597: [PATCH] CVE-2019-12211: heap buffer overflow via memcpy

Anton Gladky gladk at debian.org
Sat Nov 23 14:08:48 GMT 2019


Hello Hugo,

thanks for update!

> Anton, you know this package better than me, would you be available to test the update?
I am also not an expert in the package, but sure, I will try to do it.

Regards

Anton

Am Sa., 23. Nov. 2019 um 10:25 Uhr schrieb Hugo Lefeuvre <hle at debian.org>:
>
> Hi,
>
> Upstream seems to have merged my patch along with some more changes
> regarding CVE-2019-12213[0].
>
> I am planning to take a look at this patch and release a DLA for jessie.
>
> The security team is also planning to release a DSA for stretch and buster.
> I am already working on a jessie upload, so I should also be able to handle
> stretch and buster.  Anton, you know this package better than me, would you
> be available to test the update?
>
> thanks!
>
> regards,
> Hugo
>
> [0] https://sourceforge.net/p/freeimage/svn/1825/
>
> --
>                 Hugo Lefeuvre (hle)    |    www.owl.eu.com
> RSA4096_ 360B 03B3 BF27 4F4D 7A3F D5E8 14AA 1EB8 A247 3DFD
> ed25519_ 37B2 6D38 0B25 B8A2 6B9F 3A65 A36F 5357 5F2D DC4C



More information about the debian-science-maintainers mailing list