Source: gpp Version: 2.25 Severity: normal Tags: security upstream, nmu, package orphaned
Salvatore, Do you support the idea of an NMU for GPP? I'm working on it, it hasn't been updated in two years. I have an initiative to study packaging by updating packages like this. The package is orphaned, even if it hasn't been updated for that long, I will need a sponsor. If you are interested in sponsoring the upload, I would be grateful. I believe that I will be helping the project in some way. I take security very seriously. It seems to me that the problem was fixed almost 1 month ago and discussed on git. https://www.suse.com/pt-br/security/cve/CVE-2018-17076/ https://bugzilla.suse.com/show_bug.cgi?id=1108673&_ga=2.126348621.1528485538.1593133070-1237789434.1593133070 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812622 https://github.com/logological/gpp https://nvd.nist.gov/vuln/detail/CVE-2018-17076 https://github.com/logological/gpp/issues/26 https://security-tracker.debian.org/tracker/CVE-2018-17076 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17076 https://github.com/logological/gpp/issues/26 Regards, Leandro
