Bug#940951: Upstream version (and ideally commit) which fixed CVE-2018-7587?
Andreas Tille
tille at debian.org
Mon Mar 2 17:29:40 GMT 2020
On Mon, Mar 02, 2020 at 03:43:16PM +0100, Salvatore Bonaccorso wrote:
> Hi Andreas,
>
> On Mon, Mar 02, 2020 at 01:45:04PM +0000, Debian Bug Tracking System wrote:
> > Hello Andreas,
> >
> > I think I've fixed these bugs indeed, a few months ago.
> >
> > Regards,
> >
> > David.
> >
> > PS : I'm sorry but I don't write Changelog for CImg anymore. Not
> > that I don't maintain it, but it write my changes directly in the
> > Changelog of the G'MIC project.
>
> So this means 2.8.4 upstream contains the fix for CVE-2018-7587, any
> pointers to the upstream commit which fixed the issue, was it fixed
> before 2.8.4?
>
> Many thanks in advance,
I understood David that this was fixed even before. He has not pointed
to any specific commit.
Kind regards
Andreas.
--
http://fam-tille.de
More information about the debian-science-maintainers
mailing list