diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2020-08-23 23:22:22 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2020-08-23 23:22:22 +0200 |
commit | 154cac77f528b72b36288e57927fdd64f6b3a2b4 (patch) | |
tree | b262346f74cc6a4f8b3080caa0246776541fe6ab /data/CVE/2016.list | |
parent | 53e91b41a22b69eaed0f484ae70179ffd65ae784 (diff) |
Replace nonworking https://cgit.kde.org referenes with github commits
Diffstat (limited to 'data/CVE/2016.list')
-rw-r--r-- | data/CVE/2016.list | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/data/CVE/2016.list b/data/CVE/2016.list index 711b316508..df9a87fe45 100644 --- a/data/CVE/2016.list +++ b/data/CVE/2016.list @@ -9260,20 +9260,20 @@ CVE-2016-7969 (The wrap_lines_smart function in ass_render.c in libass before 0. CVE-2016-7968 (KMail since version 5.3.0 used a QWebEngine based viewer that had Java ...) - kf5-messagelib <not-affected> (Doesn't use qtwebengine, see bug #853241) NOTE: https://www.kde.org/info/security/advisory-20161006-3.txt - NOTE: Would by fixed by: https://cgit.kde.org/messagelib.git/commit/?id=f601f9ffb706f7d3a5893b04f067a1f75da62c99 + NOTE: Would by fixed by: https://github.com/KDE/messagelib/commit/f601f9ffb706f7d3a5893b04f067a1f75da62c99 NOTE: and building with Qt 5.7.0. NOTE: Following patches partly sanitize mails but still make it possible to inject code: - NOTE: https://cgit.kde.org/messagelib.git/commit/?id=3503b75e9c79c3861e182588a0737baf165abd23 (v16.08.2) - NOTE: https://cgit.kde.org/messagelib.git/commit/?id=a8744798dfdf8e41dd6a378e48662c66302b0019 (v16.08.2) - NOTE: https://cgit.kde.org/messagelib.git/commit/?id=77976584a4ed2797437a2423704abdd7ece7834a (v16.08.2) - NOTE: https://cgit.kde.org/messagelib.git/commit/?id=fb1be09360c812d24355076da544030a67b736fc (v16.08.2) - NOTE: https://cgit.kde.org/messagelib.git/commit/?id=0402c17a8ead92188971cb604d905b3072d56a73 (v16.08.2) + NOTE: https://github.com/KDE/messagelib/commit/3503b75e9c79c3861e182588a0737baf165abd23 (v16.08.2) + NOTE: https://github.com/KDE/messagelib/commit/a8744798dfdf8e41dd6a378e48662c66302b0019 (v16.08.2) + NOTE: https://github.com/KDE/messagelib/commit/77976584a4ed2797437a2423704abdd7ece7834a (v16.08.2) + NOTE: https://github.com/KDE/messagelib/commit/fb1be09360c812d24355076da544030a67b736fc (v16.08.2) + NOTE: https://github.com/KDE/messagelib/commit/0402c17a8ead92188971cb604d905b3072d56a73 (v16.08.2) NOTE: The issue is mitigated with the fixes applied for CVE-2016-7966, and a NOTE: user protected from this CVE by only viewing plain text mails. CVE-2016-7967 (KMail since version 5.3.0 used a QWebEngine based viewer that had Java ...) - kf5-messagelib <not-affected> (Doesn't use qtwebengine, see bug #853241) NOTE: https://www.kde.org/info/security/advisory-20161006-2.txt - NOTE: Fixed by: https://cgit.kde.org/messagelib.git/commit/?id=dfc6a86f1b25f1da04b8f1df5320fcdd7085bcc1 (16.11.80) + NOTE: Fixed by: https://github.com/KDE/messagelib/commit/dfc6a86f1b25f1da04b8f1df5320fcdd7085bcc1 (16.11.80) NOTE: The issue is mitigated with the fixes applied for CVE-2016-7966, and a NOTE: user protected from this CVE by only viewing plain text mails. CVE-2016-7966 (Through a malicious URL that contained a quote character it was possib ...) |