Bug#993592: probably not vulnerable? Re: #993592 CVE-2021-39359
Rebecca N. Palmer
rebecca_palmer at zoho.com
Mon Dec 9 20:01:32 GMT 2024
This *probably* doesn't affect Debian stable (5.2.10-3) and later, as
they were built --without-libsoup (to avoid an unrelated crash,
#1017528), and the description and upstream fix suggest that the
vulnerable functionality requires libsoup. Is this enough evidence to
mark it as non-vulnerable in the security tracker, and if so, what is
the process for doing so?
It probably does affect oldstable and earlier, but given its 'minor'
status in the security tracker, this might not be worth fixing. As
noted earlier in the bug, it has been properly fixed in unstable.
More information about the pkg-gnome-maintainers
mailing list