OSS-Fuzz is a Continuous Fuzzing for Open Source Software. See $URL for more details about the issue. @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
https://github.com/mm2/Little-CMS/commit/9efd86709a02496bdb7d482ce50c5ffe79c32eac https://github.com/mm2/Little-CMS/commit/aeaaa78e66b6c0c0bf0a1d2614efbaf4a522e66b
Should be fixed in 2.9 in the tree, feel free to start stabilization.
@Arches please test and mark stable. Thank you
(In reply to Christopher Díaz Riveros from comment #3) > @Arches please test and mark stable. > > Thank you
hppa/ppc/ppc64 stable Single Multilocalized test fails on BE arches. Reported upstream as: https://github.com/mm2/Little-CMS/pull/142
x86 stable
arm stable
Stable on amd64
ia64 stable
Since bug 638192 seems to affect all bigendian archs: sparc fine.
sparc stable (thanks to Rolf Eike Beer)
Stable on alpha.
@security, please add bug ID to CVETool, thank you. Gentoo Security Padawan (Jmbailey/mbailey_j)
arm64 stable
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=139bfc57747c094af6dc04e4485e433dd56acbde commit 139bfc57747c094af6dc04e4485e433dd56acbde Author: Andreas Sturmlechner <asturm@gentoo.org> AuthorDate: 2018-09-18 15:41:14 +0000 Commit: Andreas Sturmlechner <asturm@gentoo.org> CommitDate: 2018-09-18 18:25:03 +0000 media-libs/lcms: Cleanup vulnerable Bug: https://bugs.gentoo.org/628478 Package-Manager: Portage-2.3.49, Repoman-2.3.10 media-libs/lcms/Manifest | 1 - .../lcms/files/lcms-2.8-CVE-2016-10165.patch | 22 ---------- media-libs/lcms/lcms-2.8-r1.ebuild | 46 ------------------- media-libs/lcms/lcms-2.8-r2.ebuild | 51 ---------------------- 4 files changed, 120 deletions(-)
ping sec.
Tree is clean