RE: [CVE-2014-0109] qt4-x11_4.6.3-4+squeeze3_CVE-2014-0190
Thanks for your feedback.
> (CVE-2013-4549, CVE-2012-4929 and CVE-2013-0254)
I am sorry for the first time of submit patch file to debian-lts.
But I'd like to confirm do you mean it's required to fix all these CVE in a
version of qt4-x11?
Thanks & best regards,
From: Moritz Mühlenhoff [mailto:email@example.com]
Sent: Thursday, January 29, 2015 10:52 PM
Subject: Re: [CVE-2014-0109] qt4-x11_4.6.3-4+squeeze3_CVE-2014-0190
On Thu, Jan 29, 2015 at 10:08:57PM +0700, ies wrote:
> I have just fixed the CVE for the qt4-x11 of the minor security issue.
> Please help me to review and give some feedback if you found.
There are three additional CVE IDs open in squeeze; if you're
preparing an update for Squeeze LTS, you could investigate whether
an appropriate fix exists? (I didn't look into this further myself)
(CVE-2013-4549, CVE-2012-4929 and CVE-2013-0254)
Also, patches should be signed off with your real name instead
Internal Virus Database is out of date.
Checked by AVG - www.avg.com
Version: 8.5.455 / Virus Database: 271.1.1/5970 - Release Date: 07/06/13