[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#47510: cflow is vulnerable to CVE-2019-16165 and CVE-2019-16166
From: |
Maxim Cournoyer |
Subject: |
bug#47510: cflow is vulnerable to CVE-2019-16165 and CVE-2019-16166 |
Date: |
Thu, 17 Mar 2022 22:35:12 -0400 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux) |
Hello!
Léo Le Bouter <lle-bout@zaclys.net> writes:
> I asked the maintainer to fix the issues because they were unfixed
> since a while, they have done so recently:
>
> https://git.savannah.gnu.org/cgit/cflow.git/commit/?id=b9a7cd5e9d4efb54141dd0d11c319bb97a4600c6
>
> They have not made a recently, also it seems they fixed other issues
> that could be security relevant in their commit log, not sure if we
> apply/backport patches or wait for release.
Our cflow package is now at 1.7, which includes the above commit and CVE
fixes.
Thank you,
Maxim
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- bug#47510: cflow is vulnerable to CVE-2019-16165 and CVE-2019-16166,
Maxim Cournoyer <=