On Wednesday 22 April 2015 02:14:47 Kevin Kofler wrote: > > CVE-2015-1860 GIF vulnerability > > Qt 3 appears to be VULNERABLE to this issue. I backported the fix from Qt 4: > http://pkgs.fedoraproject.org/cgit/qt3.git/plain/qt-x11-free-3.3.8b-CVE-201 > 5-1860.patch > > Please note that Qt 3 is NOT supported by the Qt Project anymore. The above > backported patch (CVE-2015-1860) and statements of non-vulnerability > (CVE-2015-1858/1859) are user-contributed (by me, a volunteer Fedora > packager) on a purely as-is basis. > > I hope this helps, > Kevin Kofler
Thanks Kevin, the patch is useful. Richard, can you relay Kevin's patch to the distro security announcements too? They may find it useful. -- Thiago Macieira - thiago.macieira (AT) intel.com Software Architect - Intel Open Source Technology Center _______________________________________________ Development mailing list [email protected] http://lists.qt-project.org/mailman/listinfo/development
