On Sat, 30 Sep 2023 17:28:29 +0200 Klaus Singvogel
wrote:
> hede wrote:
> > Hi,
> >
> > does anyone know why CVE-2023-5217 (critical vp8 encoder bug) is rated as
> > an "open unimportant issue" for firefox-esr? Currently it is not fixed in
> > bookworm and newer [1]. Mozilla itself rates it
On Sat, 30 Sep 2023 07:37:04 -0400 The Wanderer wrote:
> When I follow the link to [3], and look at the bottom of the page, I see
> what looks to me like an explanation
Ah, I get it. That's indeed a good explanation. Then the state of "vulnerable"
is simply wrong, because it's actually "not
hede wrote:
> Hi,
>
> does anyone know why CVE-2023-5217 (critical vp8 encoder bug) is rated as an
> "open unimportant issue" for firefox-esr? Currently it is not fixed in
> bookworm and newer [1]. Mozilla itself rates it as "critical" [2].
That's fixed in Debian Bullseye.
If I look into
On 9/30/23, hede wrote:
> Hi,
>
> does anyone know why CVE-2023-5217 (critical vp8 encoder bug) is rated as an
> "open unimportant issue" for firefox-esr? Currently it is not fixed in
> bookworm and newer [1]. Mozilla itself rates it as "critical" [2].
At the bottom of the page of your [1] is
On 2023-09-30 at 07:20, hede wrote:
> Hi,
>
> does anyone know why CVE-2023-5217 (critical vp8 encoder bug) is rated as an
> "open unimportant issue" for firefox-esr? Currently it is not fixed in
> bookworm and newer [1]. Mozilla itself rates it as "critical" [2].
>
> [1]
Hi,
does anyone know why CVE-2023-5217 (critical vp8 encoder bug) is rated as an
"open unimportant issue" for firefox-esr? Currently it is not fixed in bookworm
and newer [1]. Mozilla itself rates it as "critical" [2].
[1] https://security-tracker.debian.org/tracker/source-package/firefox-esr
6 matches
Mail list logo