[Secure-testing-commits] r58137 - data
Guido Guenther
agx at moszumanska.debian.org
Thu Nov 30 10:35:37 UTC 2017
Author: agx
Date: 2017-11-30 10:35:37 +0000 (Thu, 30 Nov 2017)
New Revision: 58137
Modified:
data/dla-needed.txt
Log:
lts: remove openexr
CVE-2017-12596 was already addressed by DLA-1083-1 and the other can be
postponed (no upstream fix available yet ant it's unclear if it's really
a bug)
Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2017-11-30 10:28:05 UTC (rev 58136)
+++ data/dla-needed.txt 2017-11-30 10:35:37 UTC (rev 58137)
@@ -75,9 +75,6 @@
NOTE: github). Pinged sourceforge project owner with sourceforge's
NOTE: integrated messaging feature. -- Raphaël Hertzog
--
-openexr (Guido Günther)
- NOTE: 20170902: CVE-2017-12596: bug reported upstream but no response yet (lamby)
---
optipng (anarcat)
NOTE: 20171127: Can confirm vulnerable in wheezy. (lamby)
--
More information about the Secure-testing-commits
mailing list