CVE-2017-6311
Jeremy Bicha
jbicha at ubuntu.com
Wed Mar 22 14:59:47 UTC 2017
On Wed, Mar 22, 2017 at 2:19 AM, Salvatore Bonaccorso <carnil at debian.org> wrote:
> My concern actually is not that once the experimental version would
> enter unstable, and the issue would not be fixed, then the status
> change here.
I think the bigger question is whether or not it's better for
gnome-desktop3 to drop its custom thumbnailer code and use
gdk-pixbuf's. Does gnome-desktop3 already suffer from the same
vulnerabilities or worse?
https://git.gnome.org/browse/gnome-desktop/commit/?id=b69fde6f4
I'm bumping Debian's gdk-pixbuf tracking bugs to serious for now so it
won't automatically migrate to testing later unless we lower the
severity again. (But this change wasn't intended for stretch anyway.)
Thanks,
Jeremy Bicha
More information about the pkg-gnome-maintainers
mailing list