[Pkg-electronics-devel] CVE-2021-40391 fixed in gerbv 2.7.1
Carsten Schoenert
c.schoenert at t-online.de
Fri Nov 5 15:48:08 GMT 2021
Hello Violet,
thanks for spreading that information!
I've added the security so they can add an entry to the security tracker
for gerbv.
I might find time on the weekend to prepare a potential security update.
Am 04.11.21 um 20:41 schrieb Violet Land via Pkg-electronics-devel:
> Thanks to the excellent work of the Cisco Talos Team [1], we were
> notified of CVE-2021-40391 [2].
>
> The fix to this issue was backported to gerbv 2.7.x as release 2.7.1 [3].
>
> Please do not hesitate to contact us (preferred via GitHub issues [4])
> if you have any trouble including this fix in Debian. Moreover we are
> close to releasing 2.8.0 which will fix a number of additional issues [5]
>
> [1] https://talosintelligence.com/ <https://talosintelligence.com/>
> [2] https://talosintelligence.com/vulnerability_reports/TALOS-2021-1402
> [3] https://github.com/gerbv/gerbv/releases/tag/gerbv-2-7-1-RELEASE
> [4] https://github.com/gerbv/gerbv/issues
> [5] https://github.com/gerbv/gerbv/releases/tag/gerbv-2-8-0-RC-1
--
Regards
Carsten
More information about the Pkg-electronics-devel
mailing list