Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker
Commits: 6c002401 by Emilio Pozuelo Monfort at 2023-10-03T09:03:11+02:00 lts: mark CVE-2021-28025/qt4-x11 as no-dsa on buster It's likely fixed, but there's no point in having it listed in dla-needed indefinitely. - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -179627,6 +179627,7 @@ CVE-2021-28025 (Integer Overflow vulnerability in qsvghandler.cpp in Qt qtsvg ve [bullseye] - qtsvg-opensource-src <no-dsa> (Minor issue) [buster] - qtsvg-opensource-src <no-dsa> (Minor issue) - qt4-x11 <removed> + [buster] - qt4-x11 <no-dsa> (Minor issue) NOTE: https://bugreports.qt.io/browse/QTBUG-91507 NOTE: https://code.qt.io/cgit/qt/qtsvg.git/commit/?id=7bbf88403fd2d1fe79fab7c8e469f8aeafeb7372 (v5.15.4-lts-lgpl) NOTE: Potentially to be considered a duplicte of CVE-2021-3481, ongoing clarification ===================================== data/dla-needed.txt ===================================== @@ -154,10 +154,6 @@ qemu (Sean Whitton) NOTE: 20230924: Added by Front-Desk (apo) NOTE: 20230924: Consider fixing postponed issues as well. (apo) -- -qt4-x11 - NOTE: 20230822: Re-added for one remaining open CVE (roberto) - NOTE: 20230822: CVE-2021-28025 maybe a dup of CVE-2021-3481; once resolved, fix or remove entry from this file (roberto) --- rails NOTE: 20220909: Re-added due to regression (abhijith) NOTE: 20220909: Regression on 2:5.2.2.1+dfsg-1+deb10u4 (abhijith) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6c0024016213ebcb9f4f72ef8118322e005e5b71 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6c0024016213ebcb9f4f72ef8118322e005e5b71 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits