Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 11b17fbf by Salvatore Bonaccorso at 2019-02-01T22:57:17Z Add fixed version for CVE-2019-6245 Note for reviewers: Actually possibly the issue was already fixed in 2.5+dfsg1-3 with the inclusion of the 05-fix-recursion-crash.patch patch. So pinpointing the fixed version needs re-evaluation here. After 'respin' of a non-dead branch of 2.4's agg version the issue was fixed in revision 119 and included in 1:2.4-r127+dfsg1-1 but the 05-fix-recursion-crash.patch patch was carried up in each subsequent versions before that switch. - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -2506,7 +2506,7 @@ CVE-2019-6246 (An issue was discovered in SVG++ (aka svgpp) 1.2.3. After calling NOTE: https://github.com/svgpp/svgpp/issues/70 CVE-2019-6245 (An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in ...) {DLA-1656-1} - - agg <unfixed> (bug #919322) + - agg 1:2.4-r127+dfsg1-1 (bug #919322) - svgpp <unfixed> (bug #919321) NOTE: https://github.com/svgpp/svgpp/issues/70 NOTE: Fixed in src:agg with: https://sourceforge.net/p/agg/svn/119/ View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/11b17fbf0f46c7837cb93142ff0b39a8f1013aef -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/11b17fbf0f46c7837cb93142ff0b39a8f1013aef You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits