Re: [Silgraphite-devel] Release 1.3.6 of graphite2 engine

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Dear Rene,

Mozilla seem to have assigned a bunch of CVEs relevant to the current release. The following CVEs are all fixed by 1.3.6:

CVE-2016-1969, CVE-2016-2796, CVE-2016-1977, CVE-2016-2799

There are no other known outstanding CVEs on Graphite.

Fuzzing continues and there will be a 1.3.7 in due course (a couple of weeks?)

HTH,
Yours,
Martin