On 2/16/22 01:52 PM, jp charras wrote:
Le 16/02/2022 à 19:38, Steven A. Falco a écrit :
I found "Fix overflow vulnerability in Gerbview" and possibly "Fix relative return
with nullptr condition". Are there other patches in the series, or are those two the only
ones that are needed?
I tried grepping the log for CVE, but didn't find much...
Steve
3 fixes are needed. This one is needed:
"Fix float scaling to use single fn"
I tried applying the patches to 5.1.12 but ran into rejects that I didn't feel
comfortable to rework.
I'm asking on the Fedora list, and there is a way to request exceptions to the
"Fedora major update policy". I'll see where that leads. Given that KiCad is
planning to do annual major updates, I suspect this problem will keep coming up, so if I
can get an exception to the policy, that would be best.
Steve
_______________________________________________
Mailing list: https://launchpad.net/~kicad-developers
Post to : kicad-developers@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kicad-developers
More help : https://help.launchpad.net/ListHelp
