-
Notifications
You must be signed in to change notification settings - Fork 2.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
New release for CVE-2021-45959 #2685
Comments
This is one of a series of false positives around 12 July that were closed without any changes to {fmt} (after some fuzzing infra issue has been addressed). In particular 2038bf6 is effectively a noop. I recommend marking this CVE as invalid. |
Via https://cveform.mitre.org/ I asked if the CVE can be rejected (note I'm not either involved upstream, nor with the oss-fuzz, but stumpled over this issue while investigating the CVE in downstream Debian). |
Thanks! |
@vitaut the CVE has been rejected now. |
Thanks @carnil! |
Can you please make a new release addressing CVE-2021-45959?
It appears this issue was fixed back in July with commit 2038bf6 but no release was made.
Thank you!
The text was updated successfully, but these errors were encountered: