Closed merkys closed 6 months ago
Gemmi already uses TinyDir 1.2.6, I updated it 3 weeks ago in e142eff1, before releasing v0.6.4.
BTW in the last release (0.6.4), if you want to install everything (program,library,python bindings), it might be better to use pip install .
with extra options to enable building the program and installing dev files. Otherwise python dist-info files don't get generated.
Thanks for confirming that this is already fixed. I will also look into installing Gemmi with pip install
.
Gemmi is affected by CVE-2023-49287 due to a buffer overflow in embedded TinyDir library. This has been reported in Debian. Solution is to update TinyDir at least to v1.2.6.