Nixpkgs: Vulnerability roundup 51: openjpeg-2.3.0

Created on 5 Nov 2018  ·  4Comments  ·  Source: NixOS/nixpkgs

openjpeg-2.3.0: 1 advisory

search, files

  • [ ] [CVE-2018-16376](https://nvd.nist.gov/vuln/detail/CVE-2018-16376) (unstable, 18.09, 18.03)
security wait-for-upstream
Source
picture ckauhaus

Most helpful comment

@domenkozar @rbvermaa I think it is a good idea to give @ckauhaus write access

On a more local note, I created «9.needs: upstream fix», but I guess in this case we are not going to try and influence the upstream, so «2.status: wait-for-upstream» fits better. It feels like «9.needs: upstream fix» fits when we actively negotiate with upstream or prepare a patch to propose or something like that.

picture 7c6f434c on 6 Nov 2018
👍3

All 4 comments

There is not a fix yet.
Could we tag it with a tag such as need: upstream fix ?

nlewo picture nlewo on 6 Nov 2018

I would appreciate this, but I'm unfortunately unable to set labels here on GH. Perhaps it's time for someone™ to grant me necessary permissions...

ckauhaus picture ckauhaus on 6 Nov 2018

@domenkozar @rbvermaa I think it is a good idea to give @ckauhaus write access

On a more local note, I created «9.needs: upstream fix», but I guess in this case we are not going to try and influence the upstream, so «2.status: wait-for-upstream» fits better. It feels like «9.needs: upstream fix» fits when we actively negotiate with upstream or prepare a patch to propose or something like that.

7c6f434c picture 7c6f434c on 6 Nov 2018
👍3

obsolete: 19.03 ships openjpeg-2.3.1

ckauhaus picture ckauhaus on 27 Oct 2019
Was this page helpful?
0 / 5 - 0 ratings

Related issues

ttuegel picture ttuegel  ·  98Comments
danykey picture danykey  ·  64Comments
timokau picture timokau  ·  66Comments
globin picture globin  ·  65Comments
nh2 picture nh2  ·  76Comments