Henri Salo <he...@nerv.fi> schrieb:
> There is two open vulnerabilities in libpng 1.2.27-2+lenny4 as you can see
> from:
>
> http://security-tracker.debian.org/tracker/source-package/libpng
>
> The issues I am concerned about are CVE-2006-7244 and CVE-2009-5063. Notes of
> the issues are: "package libpng is vulnerable; however, the security impact
> is unimportant.", but I think these aren't unimportant as you can see from
> here:
>
> http://www.openwall.com/lists/oss-security/2011/03/22/7
> http://www.openwall.com/lists/oss-security/2011/03/28/6
>
> Is there a plan to fix these issues? Should I create a bug-report?
It's fixed already since 1.2.39-1 for both issues.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/slrnj2ochh.aqm....@inutil.org
