Hi,
On 17/06/2023 22:14, Roberto C. Sánchez wrote:
My opinion is that the package should be added to dla-needed.txt with
a note linking to this thread on the mailing list.
[snip]
There should also be a note there to consider backporting a new upstream
release once the security team decides
On Sat, 2023-06-17 at 16:14 -0400, Roberto C. Sánchez wrote:
> Hi Ola,
>
> The renderdoc situation certainly seems out of the norm for what we see.
>
> On Fri, Jun 16, 2023 at 11:34:25PM +0200, Ola Lundqvist wrote:
> > Hi
> >
> > I'm triaging the package "renderdoc" and it has three open CVEs.
Hi Ola,
The renderdoc situation certainly seems out of the norm for what we see.
On Fri, Jun 16, 2023 at 11:34:25PM +0200, Ola Lundqvist wrote:
> Hi
>
> I'm triaging the package "renderdoc" and it has three open CVEs. More
> information about the CVEs are available here with a good description.
Hi
I'm triaging the package "renderdoc" and it has three open CVEs. More
information about the CVEs are available here with a good description.
https://www.openwall.com/lists/oss-security/2023/06/06/3
One of them is clearly a minor issue, but two of them describe the
possibility to execute