Hi Sam, On Mon, Apr 09, 2018 at 10:19:34AM +1000, Sam Fowler wrote: > On Wed, 14 Mar 2018 16:22:19 +0100 Ole Streicher <oleb...@debian.org> wrote: > > FYI > > > > > > -------- Forwarded Message -------- > > Subject: [Debian-astro-maintainers] ftools update > > Date: Wed, 14 Mar 2018 10:42:25 -0400 > > From: Michael Arida <michael.ar...@nasa.gov> > > To: debian-astro-maintain...@lists.alioth.debian.org > > > > > > Dear Debian Astro Maintainers, > > > > As you may have noticed CFITSIO was updated Friday (March 2) for a > > major bug fix. Since you have a software bundle that uses what we > > assume is CFITSIO somewhere under the hood, we wanted to let you know > > that you should update that code. We are also expecting another > > update in April. > > > > If you have any questions or concerns, feel free to contact me. > > > > Regards, > > Mike Arida > > ____________________________________________________________ > > Michael Arida (ADNET) ASD/HEASARC > > 301.286.2291/1215 (voice/fax) Code 660, NASA/GSFC > > michael.ar...@nasa.gov Greenbelt, MD 20771 > > > > _______________________________________________ > > Debian-astro-maintainers mailing list > > debian-astro-maintain...@lists.alioth.debian.org > > https://lists.alioth.debian.org/mailman/listinfo/debian-astro-maintainers > > This has been assigned has been assigned CVE-2018-1000166.
Looking at https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0531 https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0529 it looks for those issues already CVE-2018-3848, CVE-2018-3849 and CVE-2018-3846 were assigned and CVE-2018-1000166 is duplicate. Can you confirm? And if so ask for rejection of CVE-2018-1000166? Regards, Salvatore
