El 26/02/18 a las 10:55, Jeff Breidenbach escribió:
> >Was upstream's position also to remove those binaries?
>
> Yes.
>
> >Upstream was unable to provide a patch?
>
> Yes. Upstream decided that it was not worth the time to make a patch.
>
> Leptonica is a large image processing library. It
>Was upstream's position also to remove those binaries?
Yes.
>Upstream was unable to provide a patch?
Yes. Upstream decided that it was not worth the time to make a patch.
Leptonica is a large image processing library. It also contains source code
for many (over 200) example programs that use
Hi Ben,
MITRE did assign the following:
On Thu, Feb 22, 2018 at 05:38:16PM +0100, Ben Hutchings wrote:
> > > 1. #890548
> >
> > This one has CVE-2018-7186.
> >
> > > 2. Incomplete fix for #889759 / CVE-2018-3836
CVE-2018-7440
> > > 3. Similar issue to #889759 / CVE-2018-3836, "/" is not
El 23/02/18 a las 10:08, Jeff Breidenbach escribió:
> >So these files should be also removed from the package in wheezy and jessie?
>
> Yes.
Sorry if my previous message was maybe too brief.
It is not common to remove a file from the packages of a released debian
suite. I find it surprising
>So these files should be also removed from the package in wheezy and
jessie?
Yes.
Security team: sorry for the lack of context in the message. Please see
https://lists.debian.org/debian-lts/2018/02/msg00054.html and
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=830660
El 22/02/18 a las 22:35, Jeff Breidenbach escribió:
>These binaries were removed in #830660.
>>$
These binaries were removed in #830660.
>$ strings /usr/bin/printsplitimage | grep ^/tmp/
>/tmp/split
>$ strings /usr/bin/splitimage2pdf | grep ^/tmp/
>/tmp/junk_split_image.ps
prune_unsafe_binaries.diff.gz
Description: GNU Zip compressed data
The remaining hardcoded /tmp filenames are believed to be in test and debug
code paths.
Hi Ben,
On Thu, Feb 22, 2018 at 05:38:16PM +0100, Ben Hutchings wrote:
> On Thu, 2018-02-22 at 07:26 +0100, Salvatore Bonaccorso wrote:
> > Hi Ben,
> >
> > On Sat, Feb 17, 2018 at 09:28:19PM +, Ben Hutchings wrote:
> > > On Fri, 2018-02-16 at 14:36 -0500, Antoine Beaupré wrote:
> > > > On
On Thu, 2018-02-22 at 07:26 +0100, Salvatore Bonaccorso wrote:
> Hi Ben,
>
> On Sat, Feb 17, 2018 at 09:28:19PM +, Ben Hutchings wrote:
> > On Fri, 2018-02-16 at 14:36 -0500, Antoine Beaupré wrote:
> > > On 2018-02-15 21:34:48, Ben Hutchings wrote:
> > > > On Wed, 2018-02-14 at 22:23 -0500,
Hi Ben,
On Sat, Feb 17, 2018 at 09:28:19PM +, Ben Hutchings wrote:
> On Fri, 2018-02-16 at 14:36 -0500, Antoine Beaupré wrote:
> > On 2018-02-15 21:34:48, Ben Hutchings wrote:
> > > On Wed, 2018-02-14 at 22:23 -0500, Roberto C. Sánchez wrote:
> > > > On Wed, Feb 14, 2018 at 02:56:24PM +0530,
On Fri, 2018-02-16 at 14:36 -0500, Antoine Beaupré wrote:
> On 2018-02-15 21:34:48, Ben Hutchings wrote:
> > On Wed, 2018-02-14 at 22:23 -0500, Roberto C. Sánchez wrote:
> > > On Wed, Feb 14, 2018 at 02:56:24PM +0530, Abhijith PA wrote:
> > > > Hello.
> > > >
> > > > I prepared LTS security
On 2018-02-15 21:34:48, Ben Hutchings wrote:
> On Wed, 2018-02-14 at 22:23 -0500, Roberto C. Sánchez wrote:
>> On Wed, Feb 14, 2018 at 02:56:24PM +0530, Abhijith PA wrote:
>> > Hello.
>> >
>> > I prepared LTS security update for leptonlib. Please review and upload.
>> > You can find debdiff along
On Wed, 2018-02-14 at 22:23 -0500, Roberto C. Sánchez wrote:
> On Wed, Feb 14, 2018 at 02:56:24PM +0530, Abhijith PA wrote:
> > Hello.
> >
> > I prepared LTS security update for leptonlib. Please review and upload.
> > You can find debdiff along with the mail.
> > link:
> >
On Wed, Feb 14, 2018 at 02:56:24PM +0530, Abhijith PA wrote:
> Hello.
>
> I prepared LTS security update for leptonlib. Please review and upload.
> You can find debdiff along with the mail.
> link:
> https://mentors.debian.net/debian/pool/main/l/leptonlib/leptonlib_1.69-3.1+deb7u1.dsc
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hello.
I prepared LTS security update for leptonlib. Please review and upload.
You can find debdiff along with the mail.
link:
https://mentors.debian.net/debian/pool/main/l/leptonlib/leptonlib_1.69-3.1+deb7u1.dsc
I done following tests.
- -
16 matches
Mail list logo