[Secure-testing-commits] r48222 - data
Raphaël Hertzog
hertzog at moszumanska.debian.org
Fri Jan 20 10:44:52 UTC 2017
Author: hertzog
Date: 2017-01-20 10:44:52 +0000 (Fri, 20 Jan 2017)
New Revision: 48222
Modified:
data/dla-needed.txt
Log:
Update status of jbig2dec and libxml-twig-perl
Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2017-01-20 10:16:08 UTC (rev 48221)
+++ data/dla-needed.txt 2017-01-20 10:44:52 UTC (rev 48222)
@@ -33,7 +33,8 @@
jasper (Thorsten Alteholz)
--
jbig2dec
- NOTE: No known solution as of 2017-01-08.
+ NOTE: No known solution as of 2017-01-20.
+ NOTE: 2017-01-20: Pinged upstream: https://bugs.ghostscript.com/show_bug.cgi?id=697457#c4
--
libav (Hugo Lefeuvre)
NOTE: Upstream should provide new point-releases fixing open security issues in the next months.
@@ -45,8 +46,10 @@
libplist (Emilio Pozuelo)
--
libxml-twig-perl
- NOTE: no upstream fix yet for expand_external_ents but new no_xxe flag in 3.50
- NOTE: could be backported (2016-12-13)
+ NOTE: no upstream fix yet (as of 2017-01-20) for expand_external_ents
+ NOTE: but new no_xxe flag in 3.50 that could be backported
+ NOTE: 2016-12-13: Upstream ping here: https://rt.cpan.org/Public/Bug/Display.html?id=118097#txn-1690223
+ NOTE: 2017-01-20: Ping upstream by private email -- Raphael Hertzog
--
linux
--
More information about the Secure-testing-commits
mailing list