CVE-2017-6311
Michael Biebl
biebl at debian.org
Wed Mar 22 06:05:28 UTC 2017
Am 22.03.2017 um 06:39 schrieb Salvatore Bonaccorso:
>> * Add new libgdk-pixbuf2.0-bin package to install thumbnailer
>> binary and metadata needed by gnome-desktop 3.23 (LP: #1665602)
>> * Have libgdk-pibxuf2.0-0 recommend libgdk-pixbuf2.0-bin
>> * debian/rules: Change dh_install's --list-missing to --fail-missing to
>> catch this issue sooner next time
>
> I had no time to actually check the done upload, but can you please
> double check that with this upload CVE-2017-6311,
> https://bugzilla.gnome.org/show_bug.cgi?id=778204 is not opened up?
Thanks for the heads up!
Looking at https://security-tracker.debian.org/tracker/CVE-2017-6311,
I'd say the version information is slighly incorrect.
stretch,sid is marked as affected but we do not actually build/enable
the thumbnailing code there.
--
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnome-maintainers/attachments/20170322/12bf219b/attachment.sig>
More information about the pkg-gnome-maintainers
mailing list