bug#47510: cflow is vulnerable to CVE-2019-16165 and CVE-2019-16166

bug-guix

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#47510: cflow is vulnerable to CVE-2019-16165 and CVE-2019-16166

From:	Léo Le Bouter
Subject:	bug#47510: cflow is vulnerable to CVE-2019-16165 and CVE-2019-16166
Date:	Wed, 31 Mar 2021 03:50:22 +0200
User-agent:	Evolution 3.34.2

I asked the maintainer to fix the issues because they were unfixed
since a while, they have done so recently:

https://git.savannah.gnu.org/cgit/cflow.git/commit/?id=b9a7cd5e9d4efb54141dd0d11c319bb97a4600c6

They have not made a recently, also it seems they fixed other issues
that could be security relevant in their commit log, not sure if we
apply/backport patches or wait for release.

signature.asc
Description: This is a digitally signed message part

[Prev in Thread]

Current Thread

[Next in Thread]

bug#47510: cflow is vulnerable to CVE-2019-16165 and CVE-2019-16166, Léo Le Bouter <=

Prev by Date: bug#47509: OpenEXR may be vulnerable to CVE-2021-3474, CVE-2021-3476 and CVE-2021-3475
Next by Date: bug#47479: inkscape retains a reference to imagemagick, even though it is in native-inputs
Previous by thread: bug#47509: OpenEXR may be vulnerable to CVE-2021-3474, CVE-2021-3476 and CVE-2021-3475
Next by thread: bug#47520: mumi: wrong message is downloaded
Index(es):
- Date
- Thread