[Git][security-tracker-team/security-tracker][master] dla: add qt4-x11

Fri Apr 12 10:14:12 BST 2019


Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1c5ec840 by Sylvain Beucler at 2019-04-12T09:13:53Z
dla: add qt4-x11

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -25423,6 +25423,7 @@ CVE-2018-19872 (An issue was discovered in Qt 5.11. A malformed PPM image causes
 	[jessie] - qtbase-opensource-src <no-dsa> (Minor issue)
 	- qt4-x11 <unfixed>
 	NOTE: https://bugreports.qt.io/browse/QTBUG-69449
+	NOTE: qt4-x11: POC doesn't crash on neither jessie nor stretch, it's possibly incomplete; patch applies though
 CVE-2018-19871 (An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontr ...)
 	- qtimageformats-opensource-src 5.11.3-2 (low)
 	[stretch] - qtimageformats-opensource-src <no-dsa> (Minor issue)


=====================================
data/dla-needed.txt
=====================================
@@ -110,6 +110,10 @@ python3.4 (Roberto C. Sánchez)
 qemu (Emilio)
   NOTE: CVE-2018-19665: wait for final patch
 --
+qt4-x11
+  NOTE: dla-1627 (Qt5) to apply to Qt4 as well
+  NOTE: CVE-2018-19872 id. while we're at it (minor)
+--
 sox
   NOTE: 20190305: CVE-2019-835{4,5,6,7} no upstream patch yet, might take some time.
   NOTE: Check again later. - hle



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1c5ec840b652b97bae221a1d17fca1485f9ac26b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1c5ec840b652b97bae221a1d17fca1485f9ac26b
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190412/dde1e84e/attachment-0001.html>
