https://bugzilla.redhat.com/show_bug.cgi?id=1801149
--- Comment #9 from Cedric Buissart 🐶 <cbuissar(a)redhat.com> ---
Statement:
Red Hat Satellite 6 uses a vulnerable version of libquartz as a dependency for
candlepin. However, the <job><descrition> entry is not used, and the
vulnerability can not be triggered. An update may fix the code in the future.
--
You are receiving this mail because:
You are on the CC list for the bug.