Hello Adrian, CVE-2020-26159 was released following a review with Coverity. This resulted in 27 errors. One of them was a false positive.
Which of the bugs led to the CVE report I cannot judge. The remaining bugs have been fixed in the meantime. I therefore believe that the CVE report can be closed. CU Jörg Am Sonntag, den 08.11.2020, 18:37 +0200 schrieb Adrian Bunk: > Control: tags -1 moreinfo > > On Sun, Nov 08, 2020 at 01:19:46PM +0100, Jörg Frings-Fürst wrote: > > ... > > Changes since the last upload: > > Looks good, except: > > > ... > > * New upstream release. > > ... > > - Fix CVE-2020-26159 (Closes: #972113). > > ... > > What is the status of this CVE? > > If the comment in #972113 and what is written in the upstream issue > linked from there is correct, then it was not a vulnerability in the > first place. > > > CU > > Jörg > > cu > Adrian -- New: GPG Fingerprint: 63E0 075F C8D4 3ABB 35AB 30EE 09F8 9F3C 8CA1 D25D GPG key (long) : 09F89F3C8CA1D25D GPG Key : 8CA1D25D CAcert Key S/N : 0E:D4:56 Old pgp Key: BE581B6E (revoked since 2014-12-31). Jörg Frings-Fürst D-54470 Lieser git: https://jff.email/cgit/ Threema: SYR8SJXB Wire: @joergfringsfuerst Skype: joergpenguin Ring: jff Telegram: @joergfringsfuerst My wish list: - Please send me a picture from the nature at your home.
signature.asc
Description: This is a digitally signed message part