[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: bsdiff package vulnerable to CVE-2020-14315

From: Leo Famulari
Subject: Re: bsdiff package vulnerable to CVE-2020-14315
Date: Wed, 10 Mar 2021 12:32:12 -0500

On Wed, Mar 10, 2021 at 09:49:57AM +0100, Léo Le Bouter wrote:
> A patch exists from FreeBSD: 
> - but
> it needs non-trivial porting since FreeBSD seems to have diverged in
> important ways from the source tree we use.
> Debian, Fedora, Gentoo, Arch Linux, Void Linux, none have fixed this
> CVE yet due to missing readily usable patch.

Well, we could also just remove this package. It sounds like it is not
supported on Linux. Does it offer some unique functionality?

reply via email to

[Prev in Thread] Current Thread [Next in Thread]