Author: agx Date: 2017-11-30 10:35:37 +0000 (Thu, 30 Nov 2017) New Revision: 58137
Modified: data/dla-needed.txt Log: lts: remove openexr CVE-2017-12596 was already addressed by DLA-1083-1 and the other can be postponed (no upstream fix available yet ant it's unclear if it's really a bug) Modified: data/dla-needed.txt =================================================================== --- data/dla-needed.txt 2017-11-30 10:28:05 UTC (rev 58136) +++ data/dla-needed.txt 2017-11-30 10:35:37 UTC (rev 58137) @@ -75,9 +75,6 @@ NOTE: github). Pinged sourceforge project owner with sourceforge's NOTE: integrated messaging feature. -- Raphaël Hertzog -- -openexr (Guido Günther) - NOTE: 20170902: CVE-2017-12596: bug reported upstream but no response yet (lamby) --- optipng (anarcat) NOTE: 20171127: Can confirm vulnerable in wheezy. (lamby) -- _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
