Bug#1069062: golang-github-disintegration-imaging: CVE-2023-36308

2024-04-24 Thread Nilesh Patra
Hi Security team,

There's a third party patch for this CVE[2], and at least testing locally with the PoC in[1] seems to mitigate the issue. Do you think this is OK to pick and upload?

Maytham Alsudany wrote:
> Hi Anthony,
>
> As you are the uploader for golang-github-disintegration-imaging,

Bug#1069062: golang-github-disintegration-imaging: CVE-2023-36308

2024-04-18 Thread Maytham Alsudany
Hi Anthony,

As you are the uploader for golang-github-disintegration-imaging, I'd like your input on CVE-2023-36308 and approval for the proposed patch, before any new upload is made.

There has been a failed attempt to inform upstream of this issue at [1], and their last commit was 4 years

Bug#1069062: golang-github-disintegration-imaging: CVE-2023-36308

2024-04-15 Thread Maytham Alsudany
Package: golang-github-disintegration-imaging
X-Debbugs-CC: t...@security.debian.org
Severity: normal
Tags: security

Hi,

The following vulnerability was published for golang-github-disintegration-imaging.

CVE-2023-36308[0]:
| disintegration Imaging 1.6.2 allows attackers to cause a panic
|