|
From: | Reza Housseini |
Subject: | Re: CVE check for Octave dependencies |
Date: | Thu, 19 Dec 2013 07:52:56 +0100 |
Hello,
I've added a new column in table found at http://wiki.octave.org/Building
With respect to the dependencies, there are two issues:
1) cURL versions 7.18.0 to 7.32.0 are suceptible to a 'man-in-the-middle'
attack ,see
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4545&cid=1
2) graphicsmagick up to 1.3.18 may crash while exporting some kind of
images, see
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4589&cid=1
Is it possible at the configure step to verify that the versions of those
two libs are safe ?
Regards
Pascal
--
View this message in context: http://octave.1599824.n4.nabble.com/CVE-check-for-Octave-dependencies-tp4660188.html
Sent from the Octave - Maintainers mailing list archive at Nabble.com.
[Prev in Thread] | Current Thread | [Next in Thread] |