Re: [CVE-2014-0109] qt4-x11_4.6.3-4+squeeze3_CVE-2014-0190

To: ies <iesdebian@gmail.com>
Cc: debian-lts@lists.debian.org
Subject: Re: [CVE-2014-0109] qt4-x11_4.6.3-4+squeeze3_CVE-2014-0190
From: Moritz Mühlenhoff <jmm@inutil.org>
Date: Thu, 29 Jan 2015 16:52:08 +0100
Message-id: <[🔎] 20150129155207.GA14504@pisco.westfalen.local>
In-reply-to: <[🔎] 54ca4d0c.4696420a.0f32.4d29@mx.google.com>
References: <[🔎] 54ca4d0c.4696420a.0f32.4d29@mx.google.com>

On Thu, Jan 29, 2015 at 10:08:57PM +0700, ies wrote:
> I have just fixed the CVE for the qt4-x11 of the minor security issue.
> 
> Please help me to review and give some feedback if you found.

There are three additional CVE IDs open in squeeze; if you're
preparing an update for Squeeze LTS, you could investigate whether
an appropriate fix exists? (I didn't look into this further myself)
(CVE-2013-4549, CVE-2012-4929 and CVE-2013-0254)

Also, patches should be signed off with your real name instead
of "iesdebian".

Cheers,
        Moritz

Reply to:

Follow-Ups:
- RE: [CVE-2014-0109] qt4-x11_4.6.3-4+squeeze3_CVE-2014-0190
  - From: "ies" <iesdebian@gmail.com>
- Re: [CVE-2014-0109] qt4-x11_4.6.3-4+squeeze3_CVE-2014-0190
  - From: Raphael Hertzog <hertzog@debian.org>

References:
- [CVE-2014-0109] qt4-x11_4.6.3-4+squeeze3_CVE-2014-0190
  - From: "ies" <iesdebian@gmail.com>

Prev by Date: [CVE-2014-0109] qt4-x11_4.6.3-4+squeeze3_CVE-2014-0190
Next by Date: RE: [CVE-2014-0109] qt4-x11_4.6.3-4+squeeze3_CVE-2014-0190
Previous by thread: [CVE-2014-0109] qt4-x11_4.6.3-4+squeeze3_CVE-2014-0190
Next by thread: RE: [CVE-2014-0109] qt4-x11_4.6.3-4+squeeze3_CVE-2014-0190
Index(es):
- Date
- Thread