Dear Moritz, Thanks for your feedback. > (CVE-2013-4549, CVE-2012-4929 and CVE-2013-0254) I am sorry for the first time of submit patch file to debian-lts. But I'd like to confirm do you mean it's required to fix all these CVE in a version of qt4-x11?
Thanks & best regards, -----Original Message----- From: Moritz Mühlenhoff [mailto:[email protected]] Sent: Thursday, January 29, 2015 10:52 PM To: ies Cc: [email protected] Subject: Re: [CVE-2014-0109] qt4-x11_4.6.3-4+squeeze3_CVE-2014-0190 On Thu, Jan 29, 2015 at 10:08:57PM +0700, ies wrote: > I have just fixed the CVE for the qt4-x11 of the minor security issue. > > Please help me to review and give some feedback if you found. There are three additional CVE IDs open in squeeze; if you're preparing an update for Squeeze LTS, you could investigate whether an appropriate fix exists? (I didn't look into this further myself) (CVE-2013-4549, CVE-2012-4929 and CVE-2013-0254) Also, patches should be signed off with your real name instead of "iesdebian". Cheers, Moritz Internal Virus Database is out of date. Checked by AVG - www.avg.com Version: 8.5.455 / Virus Database: 271.1.1/5970 - Release Date: 07/06/13 16:46:00 -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/[email protected]
