[Git][security-tracker-team/security-tracker][master] CVE-2018-21035/qtwebsockets-opensource-src no-dsa on jessie
Emilio Pozuelo Monfort
pochu at debian.org
Wed Mar 4 09:22:43 GMT 2020
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6bf45ebe by Emilio Pozuelo Monfort at 2020-03-04T10:19:37+01:00
CVE-2018-21035/qtwebsockets-opensource-src no-dsa on jessie
The upstream fix just adds new API to allow lowering the message
size, but it would need all users to change it, and there are no
rdeps on jessie anyway.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1194,6 +1194,7 @@ CVE-2018-21035 (In Qt through 5.14.1, the WebSocket implementation accepts up to
- qtwebsockets-opensource-src <unfixed> (bug #953049)
[buster] - qtwebsockets-opensource-src <no-dsa> (Minor issue)
[stretch] - qtwebsockets-opensource-src <no-dsa> (Minor issue)
+ [jessie] - qtwebsockets-opensource-src <no-dsa> (Minor issue)
NOTE: https://bugreports.qt.io/browse/QTBUG-70693
NOTE: https://codereview.qt-project.org/c/qt/qtwebsockets/+/284735
CVE-2020-9445
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6bf45ebe0c5d8b15ce72331623afdea1283d51ee
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6bf45ebe0c5d8b15ce72331623afdea1283d51ee
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200304/4a78cbc2/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list