On Mon, May 22, 2023 at 01:58:03PM -0300, Lisandro Damián Nicanor Pérez Meyer wrote: > Package: release.debian.org > Severity: normal > User: release.debian....@packages.debian.org > Usertags: unblock > X-Debbugs-Cc: qtbase-opensource-...@packages.debian.org, mity...@debian.org, > lisan...@debian.org > Control: affects -1 + src:qtbase-opensource-src > > Please unblock package qtbase-opensource-src > > [ Reason ] > > This upload: > - Fixes CVE-2023-32762 and CVE-2023-32763. One prevents a crash with SVG > (not related to the one in qtsvg-opensource-src) and the other one > related to a security heade parsing in the network module. > - Adds a Break/Replaces in order to allow proper handling of systems > that still had libqtcore4 around (#1035790). > - Backports a patch in order to solve an issue with KWin: > - https://bugreports.qt.io/browse/QTBUG-98048 > - https://lists.debian.org/debian-kde/2022/11/msg00019.html
Actually, the fix for #1035790 has already migrated to testing. So just the first and third points are remaining. -- Dmitry Shachnev
signature.asc
Description: PGP signature
