This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
Other format: | [Raw text] |
Am Donnerstag, 5. Oktober 2017, 14:54:47 CEST schrieb Joseph Myers: > On Thu, 5 Oct 2017, Florian Weimer wrote: > > Their packaging is completely different from the libidn upstream releases. > > And updating from the libidn upstream releases would be problematic given > that it's a non-FSF-assigned project that has changed license. So what strategy is best to short-term fix bugs that have already been addressed by libidn upstream? A quick search finds (but I haven't checked all these in detail yet, nor do I claim the list is complete): CVE-2015-2059, CVE-2015-8948, CVE-2016-6261, CVE-2016-6262, CVE-2016-6263 -- Andreas K. Hüttel dilfridge@gentoo.org Gentoo Linux developer (council, perl, libreoffice)
Attachment:
signature.asc
Description: This is a digitally signed message part.
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |