Bug#986006: libpdfbox2-java: CVE-2021-27807
tony mancill
tmancill at debian.org
Wed May 19 05:10:18 BST 2021
On Tue, May 18, 2021 at 09:01:51PM +0200, Moritz Mühlenhoff wrote:
> Am Mon, Apr 05, 2021 at 09:37:41AM -0700 schrieb tony mancill:
> > On Sat, Mar 27, 2021 at 07:52:37PM +0100, Salvatore Bonaccorso wrote:
> > > Source: libpdfbox2-java
> > > Version: 2.0.22-1
> > > Severity: important
> > > Tags: security upstream
> > > X-Debbugs-Cc: carnil at debian.org, Debian Security Team <team at security.debian.org>
> >
> > Hi Salvatore,
> >
> > I'm continuing our thread from 986008, but switching over the BTS entry
> > 986006 for CVE-2021-27807 to try to cut down on confusion between the CVEs.
> > Below is why I marked this bug as fixed in 2.0.23-1. I haven't yet
> > identified the exact commit(s), but will update bug if I can locate it.
>
> Hi,
> this is also unfixed in bullseye, can you please file an unblock request?
Yes. The unblock request has been filed:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988753
Thanks!
tony
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-java-maintainers/attachments/20210518/98080e4e/attachment.sig>
More information about the pkg-java-maintainers
mailing list