diff options
author | Adrian Bunk <bunk@debian.org> | 2020-06-30 22:19:53 +0300 |
---|---|---|
committer | Adrian Bunk <bunk@debian.org> | 2020-06-30 22:19:53 +0300 |
commit | 4affac49e307e4b18c478eee5ec255209d3a3675 (patch) | |
tree | 3915a55f270f5a35327efee0343dac18d455607f /data/dla-needed.txt | |
parent | 8dd845b147139dcca59b372b0a15702f1fede55e (diff) |
Reserve DLA-2267-1 for libmatio
Diffstat (limited to 'data/dla-needed.txt')
-rw-r--r-- | data/dla-needed.txt | 13 |
1 files changed, 0 insertions, 13 deletions
diff --git a/data/dla-needed.txt b/data/dla-needed.txt index f68fc38a9c..11c23249cf 100644 --- a/data/dla-needed.txt +++ b/data/dla-needed.txt @@ -67,19 +67,6 @@ libdatetime-timezone-perl NOTE: 20200620: There is no security issue with the package. What we want to do is to provide an up to date timezone NOTE: 20200620: database but that is not urgent. We want to provide 2020a-0+deb8u1. (according to email, node added by ola) -- -libmatio (Adrian Bunk) - NOTE: fairly high number of open issues. Not sure why we never had a look at them. - NOTE: triage work needed, help security team for fixes if needed. - NOTE: 20190428: most patches can be applied after context adaption - NOTE: 20190428: all CVEs are from one fuzzing attempt - NOTE: 20190428: some CVE testcases pass on the unpatched version, - NOTE: 20190428: but since the fixes can be made applied the code - NOTE: 20190428: is likely vulnerable - NOTE: 20190428: some CVE testcases still fail after applying the fix, - NOTE: 20190428: older changes seem to also be required for them - NOTE: 20200615: work is ongoing (bunk) - NOTE: 20200629: pending release (bunk) --- linux (Ben Hutchings) -- linux-4.9 (Ben Hutchings) |