diff options
author | Adrian Bunk <bunk@debian.org> | 2019-04-28 17:55:43 +0300 |
---|---|---|
committer | Adrian Bunk <bunk@debian.org> | 2019-04-28 17:55:43 +0300 |
commit | 7d09d36dde25e6503a879196e6fdc26212cf198e (patch) | |
tree | 6909aeda3197fd7d41973a281908e34385583def /data | |
parent | a77c11fe2d0e3a564362cd1a82bf7551d8ad31bb (diff) |
Update libmatio status
Diffstat (limited to 'data')
-rw-r--r-- | data/dla-needed.txt | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/data/dla-needed.txt b/data/dla-needed.txt index 3de4396aea..d7a5b73a7f 100644 --- a/data/dla-needed.txt +++ b/data/dla-needed.txt @@ -86,7 +86,13 @@ liblivemedia (Hugo Lefeuvre) libmatio (Adrian Bunk) NOTE: fairly high number of open issues. Not sure why we never had a look at them. NOTE: triage work needed, help security team for fixes if needed. - NOTE: 20190413: work ongoing + NOTE: 20190428: most patches can be applied after context adaption + NOTE: 20190428: all CVEs are from one fuzzing attempt + NOTE: 20190428: some CVE testcases pass on the unpatched version, + NOTE: 20190428: but since the fixes can be made applied the code + NOTE: 20190428: is likely vulnerable + NOTE: 20190428: some CVE testcases still fail after applying the fix, + NOTE: 20190428: older changes seem to also be required for them -- libspring-security-2.0-java -- |