Re: tiff and CVE-2016-10095

2017-06-06 Thread Guido Günther
Hi Raphael,
On Tue, Jun 06, 2017 at 12:05:14PM +0200, Raphael Hertzog wrote:
> Hi,
>
> On Fri, 02 Jun 2017, Guido Günther wrote:
> > > but it's not worth arguing and providing that in jessie might be useful for
> > > building custom tools still.
> >
> > But then again the fix for

Re: tiff and CVE-2016-10095

2017-06-06 Thread Raphael Hertzog
Hi,
On Fri, 02 Jun 2017, Guido Günther wrote:
> > but it's not worth arguing and providing that in jessie might be useful for
> > building custom tools still.
>
> But then again the fix for this should be in Wheezy already as far as I
> can tell. Raphael (since you provided the upstream

Re: tiff and CVE-2016-10095

2017-06-02 Thread Salvatore Bonaccorso
Hi Guido,
On Fri, Jun 02, 2017 at 12:29:29PM +0200, Guido Günther wrote:
> On Fri, Jun 02, 2017 at 11:02:06AM +0200, Moritz Muehlenhoff wrote:
> > On Fri, Jun 02, 2017 at 10:25:29AM +0200, Guido Günther wrote:
> > > Hi Moritz,
> > > I'm trying to figure out the reasoning for @51764. This marks tif

Re: tiff and CVE-2016-10095

2017-06-02 Thread Guido Günther
On Fri, Jun 02, 2017 at 11:02:06AM +0200, Moritz Muehlenhoff wrote:
> On Fri, Jun 02, 2017 at 10:25:29AM +0200, Guido Günther wrote:
> > Hi Moritz,
> > I'm trying to figure out the reasoning for @51764. This marks tiff as
> > affected by CVE-2016-10095. However from the upstream bug and the
> > cha

Re: tiff and CVE-2016-10095

2017-06-02 Thread Moritz Muehlenhoff
On Fri, Jun 02, 2017 at 10:25:29AM +0200, Guido Günther wrote:
> Hi Moritz,
> I'm trying to figure out the reasoning for @51764. This marks tiff as
> affected by CVE-2016-10095. However from the upstream bug and the
> changes we made in wheezy it looks like the changes we made already are
> suffici

tiff and CVE-2016-10095

2017-06-02 Thread Guido Günther
Hi Moritz, I'm trying to figure out the reasoning for @51764. This marks tiff as affected by CVE-2016-10095. However from the upstream bug and the changes we made in wheezy it looks like the changes we made already are sufficient to fix the issue. Do you have a hint why you think this is not the ca