| Release | Version |
|---|---|
| buster | 2.19.81+really-2.18.2-13+deb10u1 |
| bullseye | 2.22.0-10 |
| bookworm | 2.24.1-2 |
| trixie | 2.24.3-1 |
| sid | 2.24.3-1 |
| Bug | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2020-17354 | vulnerable (no DSA, ignored) | vulnerable (no DSA, ignored) | fixed | fixed | fixed | LilyPond before 2.24 allows attackers to bypass the -dsafe protection ... |
| Bug | Description |
|---|---|
| CVE-2020-17353 | scm/define-stencil-commands.scm in LilyPond through 2.20.0, and 2.21.x ... |
| CVE-2018-10992 | lilypond-invoke-editor in LilyPond 2.19.80 does not validate strings b ... |
| CVE-2017-17523 | lilypond-invoke-editor in LilyPond 2.19.80 does not validate strings b ... |
| DSA / DLA | Description |
|---|---|
| DSA-4756-1 | lilypond - security update |