[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#853241: kf5-messagelib: CVE-2016-7967 CVE-2016-7968



On Tue, Jan 31, 2017 at 12:22:34PM -0300, Lisandro Damián Nicanor Pérez Meyer wrote:
> On lunes, 30 de enero de 2017 20:15:38 ART Salvatore Bonaccorso wrote:
> > Hi
> > 
> > It might be noted that the issues itself are mitigated with the fixes
> > applied for CVE-2016-7966, and a user protected from this CVE by only
> > viewing plain text mails. But the issues still presend. At least for
> > CVE-2016-7968 a full fix would need to be building with Qt 5.7.0
> > AFAICT (please correct me if I'm wrong).
> 
> Salvatore: what would be the status considering we are still not using 
> qtwebengine?
> 
> Please note I normally do not touch KDE packaging, I just happen to know 
> qtwebengine is not releated to this :)

I'll mark both bugs as not-affected in the security tracker and I suggest 
you simply close this bug, then.

Cheers,
        Moritz


Reply to: