[sane-devel] CVE-2017-6318 (old: Bug#854804: saned: SANE_NET_CONTROL_OPTION response packet may contain memory contents of the server)

Olaf Meeuwissen paddy-hack at member.fsf.org
Tue Apr 18 12:33:29 UTC 2017

Hi Jörg,

Jörg Frings-Fürst writes:

> Hi,
> Debian is about to be released. Sane-backends do not have to contain
> any serious errors.
> I need your evaluation of the patch.

I sent my evaluation[1] last month.  Didn't you get it?  Is anything
wrong with the evaluation?  If so, please elaborate.

 [1] https://lists.alioth.debian.org/pipermail/sane-devel/2017-March/035067.html

Hope this helps,
Olaf Meeuwissen, LPIC-2            FSF Associate Member since 2004-01-27
 GnuPG key: F84A2DD9/B3C0 2F47 EA19 64F4 9F13  F43E B8A4 A88A F84A 2DD9
 Support Free Software                        https://my.fsf.org/donate
 Join the Free Software Foundation              https://my.fsf.org/join

More information about the sane-devel mailing list