[Pkg-xfce-devel] xfce4 stable update for CVE-2007-6351
Simon Huggins
huggie at earth.li
Wed Jan 30 00:12:27 UTC 2008
On Wed, Jan 30, 2008 at 12:05:50AM +0000, Simon Huggins wrote:
> On Wed, Jan 30, 2008 at 12:58:08AM +0100, Nico Golde wrote:
> > the following CVE (Common Vulnerabilities & Exposures) ids were
> > published for xfce4 some time ago.
> for xfce4? These concern libexif. Did you paste the wrong CVEs?
> > CVE-2007-6351[0]:
> > | libexif 0.6.16 and earlier allows context-dependent attackers to cause
> [..]
> > CVE-2007-6352[1]:
> > | Integer overflow in libexif 0.6.16 and earlier allows
Ah, you meant to paste 6531 and 6532 I think.
We'll have a look at them.
Thanks.
--
,--huggie-at-earth-dot-li--------stuff-thing-stuff----------DF5CE2B4--.
_| Think of me as CVS with a brain and with some taste. - Linus |_
| Torvalds |
`-------------------- http://www.earth.li/~huggie/ -------------------'
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-xfce-devel/attachments/20080130/471ad24c/attachment.pgp
More information about the Pkg-xfce-devel
mailing list