[Git][security-tracker-team/security-tracker][master] qtbase-opensource-src-gles, qt6-base fixed in sid

Mon, 11 Jul 2022 12:49:02 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
6ff94ec6 by Moritz Muehlenhoff at 2022-07-11T21:48:21+02:00
qtbase-opensource-src-gles, qt6-base fixed in sid

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -28686,17 +28686,18 @@ CVE-2022-25257
 CVE-2022-25256 (SAS Web Report Studio 4.4 allows XSS. 
/SASWebReportStudio/logonAndRend ...)
        NOT-FOR-US: SAS Web Report Studio
 CVE-2022-25255 (In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 
on Linux ...)
-       - qt6-base <unfixed>
+       - qt6-base 6.2.4+dfsg-4
        - qtbase-opensource-src 5.15.2+dfsg-15
        [bullseye] - qtbase-opensource-src <no-dsa> (Minor issue)
        [buster] - qtbase-opensource-src <ignored> (Breaks existing behaviour 
and upstream also skipped from 5.12 branch)
        [stretch] - qtbase-opensource-src <not-affected> (Vulnerable code 
introduced later)
-       - qtbase-opensource-src-gles <unfixed>
+       - qtbase-opensource-src-gles 5.15.4+dfsg-2
        [bullseye] - qtbase-opensource-src-gles <no-dsa> (Minor issue)
        [buster] - qtbase-opensource-src-gles <ignored> (Breaks existing 
behaviour and upstream also skipped from 5.12 branch)
        NOTE: https://codereview.qt-project.org/c/qt/qtbase/+/393113
        NOTE: https://codereview.qt-project.org/c/qt/qtbase/+/394914
        NOTE: https://codereview.qt-project.org/c/qt/qtbase/+/396020
+       NOTE: 
https://github.com/qt/qtbase/commit/ab6915f0efb12cfe48d1f126f4a828212f853ce5 
(6.2)
        NOTE: https://download.qt.io/official_releases/qt/5.15/qprocess5-15.diff
        NOTE: https://download.qt.io/official_releases/qt/6.2/qprocess6-2.diff
        NOTE: https://www.qt.io/blog/security-advisory-qprocess



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6ff94ec650cddcc5a624d1f534e2083031222574

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6ff94ec650cddcc5a624d1f534e2083031222574
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to