>>>>> Yaakov Selkowitz writes: > On Mon, 2015-06-29 at 17:56 +0200, Dr. Volker Zell wrote: >> >>>>> Yaakov Selkowitz writes: >> > On Mon, 2015-06-08 at 15:42 -0500, Yaakov Selkowitz wrote: >> >> On Fri, 2015-06-05 at 03:17 -0500, Yaakov Selkowitz wrote: >> >> > Dr. Volker, >> >> > >> >> > A security vulnerability has been made public for libwmf: >> >> > >> >> > https://bugzilla.redhat.com/show_bug.cgi?id=1227243 >> >> >> >> Actually, it's worse than that. Despite configuring with --with-sys-gd, >> >> libwmf is still being built with the bundled libgd (which has either an >> >> older or custom API) instead of the system one. Therefore, practically >> >> the entire patchset is required to fix all known vulnerabilities: >> >> >> >> http://pkgs.fedoraproject.org/cgit/libwmf.git/ >> >> > Are you still with us? >> >> Yes, but NO time right now (plus upcoming vacation)
> Understood, I've uploaded 0.2.8.4-15 with the complete patchset. Thanks > BTW, tzcode has been a bit neglected as of late, and it's the sort of > package that really needs to be kept timely (forgive the pun). Would > you mind if we took over maintainership? Just go ahead... > -- > Yaakov Ciao Volker