Re: [PATCH 0/1] fontconfig: CVE-2016-5384

2016-08-08 Thread Leo Famulari
On Mon, Aug 08, 2016 at 07:17:50PM -0400, Mark H Weaver wrote: > Leo Famulari writes: > > > This patch uses a graft to apply the upstream fix to fontconfig for > > CVE-2016-5384. I learned about the bug from a Debian security advisory: > > > > https://security-tracker.debian.org/tracker/CVE-2016-

Re: [PATCH 0/1] fontconfig: CVE-2016-5384

2016-08-08 Thread Mark H Weaver
Leo Famulari writes: > This patch uses a graft to apply the upstream fix to fontconfig for > CVE-2016-5384. I learned about the bug from a Debian security advisory: > > https://security-tracker.debian.org/tracker/CVE-2016-5384 > https://www.debian.org/security/2016/dsa-3644 Looks good to me. Pl

[PATCH 0/1] fontconfig: CVE-2016-5384

2016-08-08 Thread Leo Famulari
This patch uses a graft to apply the upstream fix to fontconfig for CVE-2016-5384. I learned about the bug from a Debian security advisory: https://security-tracker.debian.org/tracker/CVE-2016-5384 https://www.debian.org/security/2016/dsa-3644 Another potential option is to try grafting the lates