Bug#779550: qt4-x11: CVE-2015-0295
On Mon, Mar 02, 2015 at 07:32:11PM +0300, Dmitry Shachnev wrote:
> clone -1 -2
> reassign -2 libqt5gui5 5.3.2+dfsg-4
> thanks
>
> On Mon, 02 Mar 2015 10:18:40 -0300, Lisandro Damián Nicanor Pérez Meyer wrote:
> > And we have the same bug for Qt5 too.
> >
> > Moritz, do you thing it's grave enough to update jessie via standard methods?
> >
> > mm, now that I remember we need a tpu for qt5 /o\
>
> I think it should not be RC for Qt 5, as we have no DEs in archive
> using Qt 5.
>
> Re Qt 4, this can be fixed via unstable so I don't see why not to do it.
> But I want to hear Moritz' opinion first.
Agreed, I didn't file both as RC since it doesn't allow code conjection.
For Wheezy we can either fix it along with a potential future DSA or
address it via a stable point update.
Both can be fixed for jessie via unstable upload+unblock. They're
security bugs within the limits of what the releases managers unblock
at this point of the freeze.
Cheers,
Moritz
Reply to: