Alex Vong <alexvong1...@gmail.com> writes: > Hi, > > This patch update lcms to 2.8:
Thank you for this! > Besides, the security bug in which 'lcms-fix-out-of-bounds-read.patch' > fixed has been assigned CVE-2016-10165 according to [0], should we > change the name of the patch? > > [0]: https://bugzilla.redhat.com/show_bug.cgi?id=1367357 Good catch. Would you like to do it? Could you submit this patch against the 'core-updates' branch? LCMS causes ~1800 rebuilds which is too much for 'master'. The CVE patch has also been 'un-grafted' in core-updates, so the context will be slightly different. TIA!
signature.asc
Description: PGP signature
