[Bug 2279666] CVE-2024-34069 google-roboto-mono-fonts: python-werkzeug: user may execute code on a developer's machine [fedora-40]

8 May 2024

      https://bugzilla.redhat.com/show_bug.cgi?id=2279666
Link Dupont link@sub-pop.net changed:
What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |NOTABUG
             Status|NEW                         |CLOSED
        Last Closed|                            |2024-05-08 09:46:48
--- Comment #2 from Link Dupont link@sub-pop.net ---
google-roboto-mono-fonts does list python-workzeug in its upstream
requirements.txt, however Fedora's package does not use Python to build the
fonts locally. The pre-built upstream fonts are installed directly. Therefore,
google-roboto-mono-fonts is not affected by this CVE.
-- 
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2279666

Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report...

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

[Bug 2279666] CVE-2024-34069 google-roboto-mono-fonts: python-werkzeug: user may execute code on a developer's machine [fedora-40]