author Salvatore Bonaccorso <carnil@debian.org> 2020-01-30 20:53:31 +0100
committer Salvatore Bonaccorso <carnil@debian.org> 2020-01-30 20:56:20 +0100
commit 6d5b0ea55c4f5f2d1498d76b835d2e4f4fab01bc
tree 52dd32209daecde926332cb32cebc177d159350a
parent cc319a8d4120a13458c13a6825b73e61f1ca5a53
Update information on CVE-2020-0569 and CVE-2020-0570
For CVE-2020-0570 Lisandro asked back to upstream about confirmation on
the affected ranges. Upstream confirmed that the issue is not present
before 5.12:

> The patch just make sure that we don't do wrong call when the search prefixes
> contains '/'
> But before 5.12 (commit 5219c37f7c98f37f078fee00fe8ca35d83ff4f5d), there were
> no search prefixes with '/' in them.
> So no need to apply the patch in earlier versions.

Remove as well the now unneeded TODO item from CVE-2020-0569, as the
issue does not apply to the old qt4-x11.
-rw-r--r-- data/CVE/list 2
1 files changed, 1 insertions, 1 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 35ad5c6e0e..dd2ad17e99 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -20928,12 +20928,12 @@ CVE-2020-0570
[stretch] - qtbase-opensource-src <not-affected> (Only affects 5.12.0 through 5.14.0)
NOTE: https://bugreports.qt.io/browse/QTBUG-81272
NOTE: Patch: https://code.qt.io/cgit/qt/qtbase.git/commit/?id=e6f1fde24f77f63fb16b2df239f82a89d2bf05dd
+ NOTE: https://lists.qt-project.org/pipermail/development/2020-January/038534.html
CVE-2020-0569
RESERVED
- qtbase-opensource-src <unfixed>
NOTE: Patch for 5.6.0 through 5.13.2: https://code.qt.io/cgit/qt/qtbase.git/commit/?id=bf131e8d2181b3404f5293546ed390999f760404
NOTE: Patch for 5.0.0 through 5.5.1: https://code.qt.io/cgit/qt/qtbase.git/commit/?id=5c4234ed958130d655df8197129806f687d4df0d
- TODO: check qt4-x11
CVE-2020-0568
RESERVED
CVE-2020-0567
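Review bot: Removing "TODO: check qt4-x11" under CVE-2020-0569 leaves the list with no record that qt4-x11 was checked; the conclusion that the issue does not apply to it exists only in the commit message. Consider recording it in the entry itself, for example as a not-affected line with a short reason for qt4-x11, in the style of the stretch line under CVE-2020-0570. Separately, the NOTE added under CVE-2020-0570 is a bare URL, while the neighbouring note is labelled "Patch:"; a short label saying that it is the upstream confirmation of the affected range would make the entry self-explanatory.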
