freetype
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [ft] about CVE4s


From: suzuki toshiya
Subject: Re: [ft] about CVE4s
Date: Fri, 13 Mar 2015 23:01:31 +0900
User-agent: Mozilla-Thunderbird 2.0.0.24 (X11/20100329)

I don't know the detail of this website (e.g.
how to use it), but it seems that some CVE
reports have the links to the existing fixes
in GIT repository. I'm not sure whether this
website wants to acknowledge how many bugs
were found once (and don't care whether they
are fixed or not in the latest release), or,
how many bugs are open.

For example,
http://www.cvedetails.com/cve/CVE-2014-9674/
is noted as "published 2015-02-08, last update
date 2015-02-27". however, as the title of CVE
says, it was reported in 2014, and a fix was
committed to GIT repository on 2014 November,
and official release freetype-2.5.4 & 2.5.5
include this fixes. I wonder what I can do.
If you know, please let me know.

Regards,
mpsuzuki

Vincent Torri wrote:
> Hey
> 
> I would like to know the status of the fixes for the CVE reported here :
> 
> http://www.cvedetails.com/product/7835/Freetype-Freetype.html?vendor_id=4535
> 
> thank you
> 
> Vincent Torri
> 
> _______________________________________________
> Freetype mailing list
> address@hidden
> https://lists.nongnu.org/mailman/listinfo/freetype



reply via email to

[Prev in Thread] Current Thread [Next in Thread]