mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-12-19 03:48:57 +00:00
5ad81ab09c
This should solve CVE-2016-5131 and some other bugs, but not what Suse calls CVE-2016-9597: https://bugzilla.suse.com/show_bug.cgi?id=1017497 The bugzilla discussion seems to indicate that the CVE is referenced incorrectly and only shows reproducing when using command-line flags that are considered "unsafe". CVE-2016-9318 also remains unfixed, as I consider their reasoning OK: https://lwn.net/Alerts/714411/ /cc #22826. |
||
---|---|---|
.. | ||
default.nix |