Bug#868580: closed by Simon McVittie <smcv at debian.org> (Re: Bug#868580: cairo: CVE-2017-9814)
Salvatore Bonaccorso
carnil at debian.org
Wed Sep 29 04:53:03 BST 2021
Simon,
On Tue, Sep 28, 2021 at 09:47:31PM +0100, Simon McVittie wrote:
> On Tue, 28 Sep 2021 at 22:07:26 +0200, Salvatore Bonaccorso wrote:
> > > This appears to have been fixed in 1.15.14, which means it's fixed in
> > > buster and bullseye.
> >
> > I cannot check right now, but is this correct? The upstream issue
> > https://gitlab.freedesktop.org/cairo/cairo/-/issues/264 seems to have
> > been closed only very recently a few weeks ago, or where those only
> > additional followups?
>
> Those were additional followups, as far as I can tell. If they fixed
> additional security issues in the same pattern, then those additional
> security issues would need a separate CVE.
Ack, thank you. Updated the security-tracker earlier then with the
fixed version.
Regards,
Salvatore
More information about the pkg-gnome-maintainers
mailing list