Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
aad7bd76 by Salvatore Bonaccorso at 2020-09-21T10:35:26+02:00
Cleanup no-dsa tagged entries which got an update
Those should be removed for consistency.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -115215,17 +115215,14 @@ CVE-2018-19873 (An issue was discovered in Qt
before 5.11.3. QBmpHandler has a b
[experimental] - qtbase-opensource-src 5.11.3+dfsg-1
- qtbase-opensource-src 5.11.3+dfsg-2 (low)
- qt4-x11 4:4.8.7+dfsg-18 (low; bug #923003)
- [stretch] - qt4-x11 <no-dsa> (Minor issue)
NOTE:
https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/
NOTE: https://codereview.qt-project.org/#/c/238749/
NOTE:
https://github.com/qt/qtbase/commit/621ab8ab59901cc3f9bd98be709929c9eac997a8
CVE-2018-19872 (An issue was discovered in Qt 5.11. A malformed PPM image
causes a div ...)
{DLA-2377-1 DLA-2376-1}
- qtbase-opensource-src 5.11.2+dfsg-3 (low)
- [stretch] - qtbase-opensource-src <no-dsa> (Minor issue)
[jessie] - qtbase-opensource-src <no-dsa> (Minor issue)
- qt4-x11 4:4.8.7+dfsg-18
- [stretch] - qt4-x11 <no-dsa> (Minor issue)
[jessie] - qt4-x11 <no-dsa> (Minor issue)
NOTE: https://bugreports.qt.io/browse/QTBUG-69449
NOTE: qt4-x11: POC doesn't crash on neither jessie nor stretch, it's
possibly incomplete; patch applies though.
@@ -115235,7 +115232,6 @@ CVE-2018-19871 (An issue was discovered in Qt before
5.11.3. There is QTgaFile U
[stretch] - qtimageformats-opensource-src <no-dsa> (Minor issue)
[jessie] - qtimageformats-opensource-src <postponed> (Minor issue)
- qt4-x11 4:4.8.7+dfsg-18 (low; bug #923003)
- [stretch] - qt4-x11 <no-dsa> (Minor issue)
NOTE:
https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/
NOTE: https://codereview.qt-project.org/#/c/237761/
NOTE: qt4-x11 affected in src/plugins/imageformats/tga/qtgafile.cpp
@@ -115245,7 +115241,6 @@ CVE-2018-19870 (An issue was discovered in Qt before
5.11.3. A malformed GIF ima
[experimental] - qtbase-opensource-src 5.11.3+dfsg-1
- qtbase-opensource-src 5.11.3+dfsg-2 (low)
- qt4-x11 4:4.8.7+dfsg-18 (low; bug #923003)
- [stretch] - qt4-x11 <no-dsa> (Minor issue)
NOTE:
https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/
NOTE: https://codereview.qt-project.org/#/c/235998/
NOTE: affected code can be in src/gui/image/qgifhandler.cpp or in
@@ -115255,7 +115250,6 @@ CVE-2018-19869 (An issue was discovered in Qt before
5.11.3. A malformed SVG ima
{DLA-2377-1 DLA-1786-1}
[experimental] - qtsvg-opensource-src 5.11.3-1
- qtsvg-opensource-src 5.11.3-2 (low)
- [stretch] - qtsvg-opensource-src <no-dsa> (Minor issue)
[jessie] - qtsvg-opensource-src <no-dsa> (Minor issue)
- qt4-x11 4:4.8.7+dfsg-18 (low)
[stretch] - qt4-x11 <no-dsa> (Minor issue)
@@ -130035,7 +130029,6 @@ CVE-2018-15518 (QXmlStream in Qt 5.x before 5.11.3
has a double-free or corrupti
[experimental] - qtbase-opensource-src 5.11.3+dfsg-1
- qtbase-opensource-src 5.11.3+dfsg-2
- qt4-x11 4:4.8.7+dfsg-18 (low)
- [stretch] - qt4-x11 <no-dsa> (Minor issue)
NOTE:
https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/
NOTE: https://codereview.qt-project.org/#/c/236691/
CVE-2018-15517 (The MailConnect feature on D-Link Central WiFiManager CWM-100
1.03 r00 ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aad7bd76a0dc857cd53395095200b3ded21afe1b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aad7bd76a0dc857cd53395095200b3ded21afe1b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
