Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
11b17fbf by Salvatore Bonaccorso at 2019-02-01T22:57:17Z
Add fixed version for CVE-2019-6245
Note for reviewers: Actually possibly the issue was already fixed in
2.5+dfsg1-3 with the inclusion of the 05-fix-recursion-crash.patch
patch. So pinpointing the fixed version needs re-evaluation here.
After 'respin' of a non-dead branch of 2.4's agg version the issue
was
fixed in revision 119 and included in 1:2.4-r127+dfsg1-1 but the
05-fix-recursion-crash.patch patch was carried up in each subsequent
versions before that switch.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2506,7 +2506,7 @@ CVE-2019-6246 (An issue was discovered in SVG++ (aka
svgpp) 1.2.3. After calling
NOTE: https://github.com/svgpp/svgpp/issues/70
CVE-2019-6245 (An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as
used in ...)
{DLA-1656-1}
- - agg <unfixed> (bug #919322)
+ - agg 1:2.4-r127+dfsg1-1 (bug #919322)
- svgpp <unfixed> (bug #919321)
NOTE: https://github.com/svgpp/svgpp/issues/70
NOTE: Fixed in src:agg with: https://sourceforge.net/p/agg/svn/119/
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/11b17fbf0f46c7837cb93142ff0b39a8f1013aef
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/11b17fbf0f46c7837cb93142ff0b39a8f1013aef
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
