[Secure-testing-commits] r37381 - data/CVE

Scott Kitterman kitterman at moszumanska.debian.org
Tue Oct 27 19:33:18 UTC 2015


Author: kitterman
Date: 2015-10-27 19:33:18 +0000 (Tue, 27 Oct 2015)
New Revision: 37381

Modified:
   data/CVE/list
Log:
Update CVE-2013-4422 to indicate squeeze not affected due to Qt being too old.

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-10-27 18:41:40 UTC (rev 37380)
+++ data/CVE/list	2015-10-27 19:33:18 UTC (rev 37381)
@@ -55390,13 +55390,13 @@
 	RESERVED
 CVE-2013-4422 (SQL injection vulnerability in Quassel IRC before 0.9.1, when Qt 4.8.5 ...)
 	- quassel 0.9.1-1
-	[wheezy] - quassel <no-dsa> (Issue only relevant if the QT 4.8.5 fix would be backported)
-	[squeeze] - quassel <unfixed> (unimportant)
-	NOTE: Issue when used with QT >= 4.8.5 and PostgreSQL >= 8.2
+	[wheezy] - quassel <no-dsa> (Issue only relevant if the Qt 4.8.5 fix would be backported)
+	[squeeze] - quassel <not-affected> (qt4-x11 is too old)
+	NOTE: Issue when used with Qt >= 4.8.5 and PostgreSQL >= 8.2
 	NOTE: http://quassel-irc.org/node/120
 	NOTE: http://bugs.quassel-irc.org/issues/1244
 	NOTE: https://github.com/quassel/quassel/commit/aa1008be162cb27da938cce93ba533f54d228869
-	NOTE: Caused by a change in QT's postgres driver:
+	NOTE: Caused by a change in Qt's postgres driver:
 	NOTE: https://bugreports.qt-project.org/browse/QTBUG-30076
 	NOTE: https://qt.gitorious.org/qt/qtbase/commit/e3c5351d06ce8a12f035cd0627356bc64d8c334a
 CVE-2013-4421 (The buf_decompress function in packet.c in Dropbear SSH Server before ...)




More information about the Secure-testing-commits mailing list