[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
CVE check for Octave dependencies
|
From: |
CdeMills |
|
Subject: |
CVE check for Octave dependencies |
|
Date: |
Wed, 18 Dec 2013 09:30:33 -0800 (PST) |
Hello,
I've added a new column in table found at http://wiki.octave.org/Building
With respect to the dependencies, there are two issues:
1) cURL versions 7.18.0 to 7.32.0 are suceptible to a 'man-in-the-middle'
attack ,see
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4545&cid=1
2) graphicsmagick up to 1.3.18 may crash while exporting some kind of
images, see
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4589&cid=1
Is it possible at the configure step to verify that the versions of those
two libs are safe ?
Regards
Pascal
--
View this message in context:
http://octave.1599824.n4.nabble.com/CVE-check-for-Octave-dependencies-tp4660188.html
Sent from the Octave - Maintainers mailing list archive at Nabble.com.
- CVE check for Octave dependencies,
CdeMills <=
- Re: CVE check for Octave dependencies, Reza Housseini, 2013/12/19
- Re: CVE check for Octave dependencies, c., 2013/12/19
- Re: CVE check for Octave dependencies, John W. Eaton, 2013/12/19
- Re: CVE check for Octave dependencies, Reza Housseini, 2013/12/19
- Re: CVE check for Octave dependencies, c., 2013/12/19
- Re: CVE check for Octave dependencies, Reza Housseini, 2013/12/19
- Re: CVE check for Octave dependencies, Pascal Dupuis, 2013/12/19
- Octave build dependencies wiki, Mike Miller, 2013/12/20