Date: Thu, 6 Oct 2016 11:46:27 +1030 From: Doran Moppert <dmoppert@...hat.com> To: Open Source Security <oss-security@...ts.openwall.com> Subject: Re: CVE request: openjpeg: incorrect fix for CVE-2013-6045 (was Re: openjpeg CVE-2016-3181, CVE-2016-3182 .. and CVE-2013-6045) > > Do you specifically know of a distribution that still has that patch? > > Red Hat Enterprise Linux and Ubuntu LTS seem to be still carrying the > original patch. Possibly others, but these are the only ones I've > identified. I should have included this reference: https://bugzilla.redhat.com/show_bug.cgi?id=1382202 -- Doran Moppert Red Hat Product Security Content of type "application/pgp-signature" skipped
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.