summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSalvatore Bonaccorso <carnil@debian.org>2020-01-30 20:53:31 +0100
committerSalvatore Bonaccorso <carnil@debian.org>2020-01-30 20:56:20 +0100
commit3001400b166aa09d196ea89a1c48d967c7541078 (patch)
treec33359dcabd15aa38740aebfd44b032746790ade
parent806851d91dbdf367b57e859a129d29dc6b19a3f2 (diff)
Update information on CVE-2020-0569 and CVE-2020-0570
For CVE-2020-0570 Lisandro asked back to upstream about confirmation on the affected ranges. Upstream confirmed that the issue is not present before 5.12: > The patch just make sure that we don't do wrong call when the search prefixes > contains '/' > But before 5.12 (commit 5219c37f7c98f37f078fee00fe8ca35d83ff4f5d), there were > no search prefixes with '/' in them. > So no need to apply the patch in earlier versions. Remove as well the now uneeded TODO item from CVE-2020-0569, as the issue does not apply to the old qt4-x11.
-rw-r--r--data/CVE/2020.list2
1 files changed, 1 insertions, 1 deletions
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index 41435c8574..545393b8cf 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -16064,12 +16064,12 @@ CVE-2020-0570
[stretch] - qtbase-opensource-src <not-affected> (Only affects 5.12.0 through 5.14.0)
NOTE: https://bugreports.qt.io/browse/QTBUG-81272
NOTE: Patch: https://code.qt.io/cgit/qt/qtbase.git/commit/?id=e6f1fde24f77f63fb16b2df239f82a89d2bf05dd
+ NOTE: https://lists.qt-project.org/pipermail/development/2020-January/038534.html
CVE-2020-0569
RESERVED
- qtbase-opensource-src <unfixed>
NOTE: Patch for 5.6.0 through 5.13.2: https://code.qt.io/cgit/qt/qtbase.git/commit/?id=bf131e8d2181b3404f5293546ed390999f760404
NOTE: Patch for 5.0.0 through 5.5.1: https://code.qt.io/cgit/qt/qtbase.git/commit/?id=5c4234ed958130d655df8197129806f687d4df0d
- TODO: check qt4-x11
CVE-2020-0568
RESERVED
CVE-2020-0567

© 2014-2024 Faster IT GmbH | imprint | privacy policy