Re: [URGENT] Confirmation of Fixes for CVE's in 2.12.1

freetype

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [URGENT] Confirmation of Fixes for CVE's in 2.12.1

From:	Werner LEMBERG
Subject:	Re: [URGENT] Confirmation of Fixes for CVE's in 2.12.1
Date:	Thu, 30 Jun 2022 05:20:18 +0000 (UTC)

> I arrived at the conclusion because I was expecting a mention of
> CVE-2022-27404 and the change that fixed it.  [...]

Thanks for the explanation.  We usually don't mention CVEs in release
messages except someone explicitly tells us.  In most cases CVEs are
made public much later than the fixes or Freetype releases;
additionally, we (the FreeType team) are not informed about CVEs at
all, and we simply don't have the human resources to do more tracking.


    Werner

[Prev in Thread]

Current Thread

[Next in Thread]

[URGENT] Confirmation of Fixes for CVE's in 2.12.1, Arenas, Aaron, 2022/06/29
- Re: [URGENT] Confirmation of Fixes for CVE's in 2.12.1, Werner LEMBERG, 2022/06/30
  - RE: [URGENT] Confirmation of Fixes for CVE's in 2.12.1, Arenas, Aaron, 2022/06/30
    - Re: [URGENT] Confirmation of Fixes for CVE's in 2.12.1, Werner LEMBERG <=

Prev by Date: Re: [URGENT] Confirmation of Fixes for CVE's in 2.12.1
Next by Date: RE: [URGENT] Confirmation of Fixes for CVE's in 2.12.1
Previous by thread: RE: [URGENT] Confirmation of Fixes for CVE's in 2.12.1
Index(es):
- Date
- Thread