Hey, > > Unfortunately needs Qt 5.7 to fully fix it :(. well with 16.04 and Qt 5.6 we don't have the problems that are discussed in CVE-2016-7967 and CVE-2016-7968. > Did not yet open a Debian bug report. Well no bug report but the CVEs are already in security-tracker: https://security-tracker.debian.org/tracker/CVE-2016-7966 https://security-tracker.debian.org/tracker/CVE-2016-7967 https://security-tracker.debian.org/tracker/CVE-2016-7968 okay we need to update the information a little bit. btw. this is the first source for information you should look if Debian is already aware of any CVEs and if not please inform the security team with the needed information and also ping the maintainers. This is how we can track the status of CVEs... And yes the maintainer are aware of it already. See pkg-kde-talk ml: http://lists.alioth.debian.org/pipermail/pkg-kde-talk/2016-October/002397.html Regards, sandro
Attachment:
signature.asc
Description: This is a digitally signed message part.