[Git][security-tracker-team/security-tracker][master] qtbase-opensource-src/5.11.3 moved to unstable fixing three CVEs

Salvatore Bonaccorso carnil at debian.org
Wed Dec 26 21:04:31 GMT 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
705b5020 by Salvatore Bonaccorso at 2018-12-26T21:04:03Z
qtbase-opensource-src/5.11.3 moved to unstable fixing three CVEs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5420,7 +5420,7 @@ CVE-2018-19874
 CVE-2018-19873 [QBmpHandler segfault on malformed BMP file]
 	RESERVED
 	[experimental] - qtbase-opensource-src 5.11.3+dfsg-1
-	- qtbase-opensource-src <unfixed>
+	- qtbase-opensource-src 5.11.3+dfsg-2
 	[jessie] - qtbase-opensource-src <ignored> (Minor issue)
 	- qt4-x11 <unfixed>
 	[jessie] - qt4-x11 <ignored> (Minor issue)
@@ -5442,7 +5442,7 @@ CVE-2018-19871 [QImage: QTgaFile CPU exhaustion]
 CVE-2018-19870 [Check for QImage allocation failure in qgifhandler]
 	RESERVED
 	[experimental] - qtbase-opensource-src 5.11.3+dfsg-1
-	- qtbase-opensource-src <unfixed> (low)
+	- qtbase-opensource-src 5.11.3+dfsg-2 (low)
 	[stretch] - qtbase-opensource-src <no-dsa> (Minor issue)
 	[jessie] - qtbase-opensource-src <ignored> (Minor issue)
 	- qt4-x11 <unfixed> (low)
@@ -19565,7 +19565,7 @@ CVE-2018-15519
 CVE-2018-15518 [Qt Base: "double free or corruption" in QXmlStreamReader]
 	RESERVED
 	[experimental] - qtbase-opensource-src 5.11.3+dfsg-1
-	- qtbase-opensource-src <unfixed>
+	- qtbase-opensource-src 5.11.3+dfsg-2
 	[jessie] - qtbase-opensource-src <ignored> (Minor issue)
 	NOTE: https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/
 	NOTE: https://codereview.qt-project.org/#/c/236691/



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/705b50208c3f9f92754b25ec32ab6c487c47f479

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/705b50208c3f9f92754b25ec32ab6c487c47f479
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181226/7bb8492d/attachment.html>

More information about the debian-security-tracker-commits mailing list