[Bug 2279666] CVE-2024-34069 google-roboto-mono-fonts: python-werkzeug: user may execute code on a developer's machine [fedora-40]

bugzilla Wed, 08 May 2024 02:47:48 -0700

https://bugzilla.redhat.com/show_bug.cgi?id=2279666


Link Dupont <l...@sub-pop.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |NOTABUG
             Status|NEW                         |CLOSED
        Last Closed|                            |2024-05-08 09:46:48



--- Comment #2 from Link Dupont <l...@sub-pop.net> ---
google-roboto-mono-fonts does list python-workzeug in its upstream
requirements.txt, however Fedora's package does not use Python to build the
fonts locally. The pre-built upstream fonts are installed directly. Therefore,
google-roboto-mono-fonts is not affected by this CVE.


-- 
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2279666

Report this comment as SPAM: 
https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-spam&short_desc=Report%20of%20Bug%202279666%23c2
--
_______________________________________________
fonts-bugs mailing list -- fonts-bugs@lists.fedoraproject.org
To unsubscribe send an email to fonts-bugs-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/fonts-bugs@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

[Bug 2279666] CVE-2024-34069 google-roboto-mono-fonts: python-werkzeug: user may execute code on a developer's machine [fedora-40]

Reply via email to