Hugo Lefeuvre <h...@debian.org> writes: > xcftools: > > + create a reproducer for CVE-2019-5086 and write a patch (still waiting > for some external review). > + start to investigate CVE-2019-5087.
I am a bit puzzled, what is the difference between CVE-2019-5086 and CVE-2019-5087? As far as I can tell they both a the same vulnerability. Did I miss something? -- Brian May <b...@debian.org>
