Source: gettext Version: 0.19.8.1-8 Severity: minor Tags: security upstream
Hi Santiago, The following vulnerability was published for gettext, and as discussed already this has negligable security impact if at all. But still filling the bug for tracking purpose so we can update the tracker entry once the issue is fixed. Choosed severity minor as well. CVE-2018-18751[0]: | An issue was discovered in GNU gettext 0.19.8. There is a double free | in default_add_message in read-catalog.c, related to an invalid free in | po_gram_parse in po-gram-gen.y, as demonstrated by lt-msgfmt. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2018-18751 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18751 Regards, Salvatore