On Thu, Feb 26, 2015 at 02:05:19AM +0000, Ken Moffat wrote: > Looking at this week's lwn.net, there appear to be a shed-load of > CVE fixes in freetype : CVE-2014-9656 to 9674. Looking at the first > of these, the CVE actually points to an upstream commit, instead of > being marked as "reserved". Anybody want to take a look at these? > (fixed in fedora, ubuntu, and mageia - if any of those provide an > easier way of getting the patches). > > Don't ya just dread book -rc's ? > [rude words] - the fix is apparently to an old version (2.5.3), AFAICS no fixes to 2.5.5, and we are already on that. Sorry for the noise.
/me needs to remember that what used to be a current distro version (fc21 in this case) can soon become old. ĸen -- Nanny Ogg usually went to bed early. After all, she was an old lady. Sometimes she went to bed as early as 6 a.m. -- http://lists.linuxfromscratch.org/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
