kmail CVEs and patches
Maximiliano Curia
maxy at debian.org
Fri Oct 7 09:31:07 UTC 2016
Hi,
About: https://www.kde.org/info/security/advisory-20161006-1.txt
I tried to backport the CVE-2016-7966 fix commit to kf 5.26 and it didn't
apply cleanly, it would be nice if the advisory includes the list of the
commits to backport, or maybe a new 5.26.1 kcoreaddons bugfix release.
About: https://www.kde.org/info/security/advisory-20161006-3.txt
Via irc you mentioned that non qtwebengine versions are affected by this as
well, that contradict the versions listed in the advisory message. As you
know, we are currently using qt 5.6 and messagelib from 16.04, which set of
patches should we include?
Happy hacking,
--
"It is practically impossible to teach good programming to students that have
had a prior exposure to BASIC: as potential programmers they are mentally
mutilated beyond hope of regeneration."
-- Edsger W. Dijkstra
Saludos /\/\ /\ >< `/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-kde-talk/attachments/20161007/1f63f870/attachment.sig>
More information about the pkg-kde-talk
mailing list