[Git][security-tracker-team/security-tracker][master] new qt networkauth issues

Fri May 24 16:26:43 BST 2024


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0fffc193 by Moritz Muehlenhoff at 2024-05-24T17:26:14+02:00
new qt networkauth issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3728,7 +3728,10 @@ CVE-2024-36050 (Nix through 2.22.1 mishandles certain usage of hash caches, whic
 	NOTE: https://github.com/NixOS/ofborg/issues/68#issuecomment-2082789441
 	TODO: check details and verify if same code (and only then) is present in guix
 CVE-2024-36048 (QAbstractOAuth in Qt Network Authorization in Qt before 5.15.17, 6.x b ...)
-	TODO: check
+	- qtnetworkauth-everywhere-src <unfixed>
+	- qt6-networkauth <unfixed>
+	NOTE: https://codereview.qt-project.org/c/qt/qtnetworkauth/+/560317
+	NOTE: https://codereview.qt-project.org/c/qt/qtnetworkauth/+/560368
 CVE-2024-28064 (Kiteworks Totemomail 7.x and 8.x before 8.3.0 allows /responsiveUI/Env ...)
 	NOT-FOR-US: Kiteworks Totemomail
 CVE-2024-28063 (Kiteworks Totemomail through 7.0.0 allows /responsiveUI/EnvelopeOpenSe ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0fffc193d2c1dbdeedfb232d412f52f76d553f55

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0fffc193d2c1dbdeedfb232d412f52f76d553f55
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240524/e04a543b/attachment.htm>
