Package: qtox Version: 1.17.6-0.1 Severity: important X-Debbugs-Cc: m.sca...@protonmail.ch
Dear Maintainer, a serious remote code execution vulnerability has allegedly been discovered for qtox and reported in Windows as explained in here: https://github.com/Zoxcore/qTox_enhanced/issues/6 Apparently, a patch was released for the issue. Is the Linux version of the software affected? Is Debian package safe to use? -- System Information: Debian Release: 12.2 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 6.1.0-13-amd64 (SMP w/4 CPU threads; PREEMPT) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages qtox depends on: ii libavcodec59 7:5.1.3-1 ii libavdevice59 7:5.1.3-1 ii libavformat59 7:5.1.3-1 ii libavutil57 7:5.1.3-1 ii libc6 2.36-9+deb12u3 ii libexif12 0.6.24-1+b1 ii libkf5sonnetui5 5.103.0-1 ii libopenal1 1:1.19.1-2 ii libqrencode4 4.1.1-1 ii libqt5core5a 5.15.8+dfsg-11 ii libqt5gui5 5.15.8+dfsg-11 ii libqt5network5 5.15.8+dfsg-11 ii libqt5svg5 5.15.8-3 ii libqt5widgets5 5.15.8+dfsg-11 ii libqt5xml5 5.15.8+dfsg-11 ii libsodium23 1.0.18-1 ii libsqlcipher0 3.4.1-2+b1 ii libstdc++6 12.2.0-14 ii libswscale6 7:5.1.3-1 ii libtoxcore2 0.2.18-1 ii libx11-6 2:1.8.4-2+deb12u2 ii libxss1 1:1.2.3-1 qtox recommends no packages. qtox suggests no packages. -- no debconf information