From cc35cfefdc227440a4b5fc174b3d8af5cbf8d02a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Moritz=20M=C3=BChlenhoff?= <jmm@debian.org>
Date: Sun, 27 Mar 2022 21:12:52 +0200
Subject: qt ospu

---
 data/CVE/list                        | 1 +
 data/next-oldstable-point-update.txt | 2 ++
 2 files changed, 3 insertions(+)

(limited to 'data')

diff --git a/data/CVE/list b/data/CVE/list
index a83c84d697..1ff4106acf 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -7024,6 +7024,7 @@ CVE-2022-25256 (SAS Web Report Studio 4.4 allows XSS. /SASWebReportStudio/logonA
 CVE-2022-25255 (In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux ...)
 	- qt6-base <unfixed>
 	- qtbase-opensource-src 5.15.2+dfsg-15
+	[buster] - qtbase-opensource-src <ignored> (Breaks existing behaviour and upstream also skipped from 5.12 branch)
 	[stretch] - qtbase-opensource-src <not-affected> (Vulnerable code introduced later)
 	- qtbase-opensource-src-gles <unfixed>
 	NOTE: https://codereview.qt-project.org/c/qt/qtbase/+/393113
diff --git a/data/next-oldstable-point-update.txt b/data/next-oldstable-point-update.txt
index d219156d5a..a714287dec 100644
--- a/data/next-oldstable-point-update.txt
+++ b/data/next-oldstable-point-update.txt
@@ -90,3 +90,5 @@ CVE-2020-15859
 	[buster] - qemu 1:3.1+dfsg-8+deb10u9
 CVE-2020-13253
 	[buster] - qemu 1:3.1+dfsg-8+deb10u9
+CVE-2015-9541
+	[buster] - qtbase-opensource-src 5.11.3+dfsg1-1+deb10u5
-- 
cgit v1.2.3