Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 6 Oct 2016 11:46:27 +1030
From: Doran Moppert <dmoppert@...hat.com>
To: Open Source Security <oss-security@...ts.openwall.com>
Subject: Re: CVE request: openjpeg: incorrect fix for CVE-2013-6045 (was Re:
 openjpeg CVE-2016-3181, CVE-2016-3182 .. and CVE-2013-6045)

> > Do you specifically know of a distribution that still has that patch?
> 
> Red Hat Enterprise Linux and Ubuntu LTS seem to be still carrying the
> original patch.  Possibly others, but these are the only ones I've
> identified.

I should have included this reference:

https://bugzilla.redhat.com/show_bug.cgi?id=1382202


-- 
Doran Moppert
Red Hat Product Security

Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ