Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 6 Oct 2016 11:46:27 +1030
From: Doran Moppert <dmoppert@...hat.com>
To: Open Source Security <oss-security@...ts.openwall.com>
Subject: Re: CVE request: openjpeg: incorrect fix for CVE-2013-6045 (was Re:
 openjpeg CVE-2016-3181, CVE-2016-3182 .. and CVE-2013-6045)

> > Do you specifically know of a distribution that still has that patch?
> 
> Red Hat Enterprise Linux and Ubuntu LTS seem to be still carrying the
> original patch.  Possibly others, but these are the only ones I've
> identified.

I should have included this reference:

https://bugzilla.redhat.com/show_bug.cgi?id=1382202


-- 
Doran Moppert
Red Hat Product Security

Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.