[Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-6245
Salvatore Bonaccorso
carnil at debian.org
Fri Feb 1 23:00:28 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
11b17fbf by Salvatore Bonaccorso at 2019-02-01T22:57:17Z
Add fixed version for CVE-2019-6245
Note for reviewers: Actually possibly the issue was already fixed in
2.5+dfsg1-3 with the inclusion of the 05-fix-recursion-crash.patch
patch. So pinpointing the fixed version needs re-evaluation here.
After 'respin' of a non-dead branch of 2.4's agg version the issue was
fixed in revision 119 and included in 1:2.4-r127+dfsg1-1 but the
05-fix-recursion-crash.patch patch was carried up in each subsequent
versions before that switch.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2506,7 +2506,7 @@ CVE-2019-6246 (An issue was discovered in SVG++ (aka svgpp) 1.2.3. After calling
NOTE: https://github.com/svgpp/svgpp/issues/70
CVE-2019-6245 (An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in ...)
{DLA-1656-1}
- - agg <unfixed> (bug #919322)
+ - agg 1:2.4-r127+dfsg1-1 (bug #919322)
- svgpp <unfixed> (bug #919321)
NOTE: https://github.com/svgpp/svgpp/issues/70
NOTE: Fixed in src:agg with: https://sourceforge.net/p/agg/svn/119/
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/11b17fbf0f46c7837cb93142ff0b39a8f1013aef
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/11b17fbf0f46c7837cb93142ff0b39a8f1013aef
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190201/63529adb/attachment.html>
More information about the debian-security-tracker-commits
mailing list