Re: Liblouis CVE's in stretch

To: debian-accessibility@lists.debian.org, mailinglists@gusnan.se
Subject: Re: Liblouis CVE's in stretch
From: Samuel Thibault <sthibault@debian.org>
Date: Mon, 30 May 2022 14:47:52 +0200
Message-id: <[🔎] 20220530124752.dfwmkp6rlqkhcf55@begin>
Mail-followup-to: debian-accessibility@lists.debian.org, mailinglists@gusnan.se
In-reply-to: <[🔎] 20220530123408.uumzjzqfl7hzxedi@begin>
References: <[🔎] 20220530131037.50048f77@debian-i7> <[🔎] 20220530123408.uumzjzqfl7hzxedi@begin>

Samuel Thibault, le lun. 30 mai 2022 14:34:08 +0200, a ecrit:
> Andreas Rönnquist, le lun. 30 mai 2022 13:10:37 +0200, a ecrit:
> > Also - I am looking at fixing CVE-2018-17294 [3],
> 
> This one however is about input indeed. Perhaps it'd be worth checking
> against the latest upstream master branch of liblouis, since there have
> been various fixes there recently.

Ah, the report says it's fixed since 3.7.

Stretch is really really old (oldoldstable, replaced by buster in 2019
then bullseye in 2021) and its LTS ends at the end of june, I don't
think it's worth spending time on it.

Samuel

Reply to:

References:
- Liblouis CVE's in stretch
  - From: Andreas Rönnquist <mailinglists@gusnan.se>
- Re: Liblouis CVE's in stretch
  - From: Samuel Thibault <sthibault@debian.org>

Prev by Date: Re: Liblouis CVE's in stretch
Previous by thread: Re: Liblouis CVE's in stretch
Index(es):
- Date
- Thread