Hello,
I updated today svgSalamander in JOSM to 1.1.2, because we faced a
rendering bug.
With the update I found a major regression in font handling, and found out
also that the CVE vulnerability wasn't correctly fixed upstream.
I created three pull requests matching the patches I applied in JOSM
e
On 9/23/18 5:35 PM, Felix Natter wrote:
> hello Debian-gis,
>
> for svgSalamander 1.1.2, a fix for CVE-2017-5617 [1] (#853134) was
> upstreamed by Vincent Privat.
>
> [1] https://security-tracker.debian.org/tracker/CVE-2017-5617
>
> However, upstream included the patch modified [2], with a flag
hello Debian-gis,
for svgSalamander 1.1.2, a fix for CVE-2017-5617 [1] (#853134) was
upstreamed by Vincent Privat.
[1] https://security-tracker.debian.org/tracker/CVE-2017-5617
However, upstream included the patch modified [2], with a flag in the
"global data object" SVGUniverse, with the defaul
3 matches
Mail list logo
