[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

RE: [CVE-2014-0109] qt4-x11_4.6.3-4+squeeze3_CVE-2014-0190

Dear Moritz,

Thanks for your feedback.
> (CVE-2013-4549, CVE-2012-4929 and CVE-2013-0254)
I am sorry for the first time of submit patch file to debian-lts.
But I'd like to confirm do you mean it's required to fix all these CVE in a
version of qt4-x11?

Thanks & best regards,
-----Original Message-----
From: Moritz Mühlenhoff [mailto:jmm@inutil.org] 
Sent: Thursday, January 29, 2015 10:52 PM
To: ies
Cc: debian-lts@lists.debian.org
Subject: Re: [CVE-2014-0109] qt4-x11_4.6.3-4+squeeze3_CVE-2014-0190

On Thu, Jan 29, 2015 at 10:08:57PM +0700, ies wrote:
> I have just fixed the CVE for the qt4-x11 of the minor security issue.
> Please help me to review and give some feedback if you found.

There are three additional CVE IDs open in squeeze; if you're
preparing an update for Squeeze LTS, you could investigate whether
an appropriate fix exists? (I didn't look into this further myself)
(CVE-2013-4549, CVE-2012-4929 and CVE-2013-0254)

Also, patches should be signed off with your real name instead
of "iesdebian".


Internal Virus Database is out of date.
Checked by AVG - www.avg.com 
Version: 8.5.455 / Virus Database: 271.1.1/5970 - Release Date: 07/06/13

Reply to: