diff options
author | Thorsten Alteholz <debian@alteholz.de> | 2024-05-01 00:38:32 +0200 |
---|---|---|
committer | Thorsten Alteholz <debian@alteholz.de> | 2024-05-01 00:38:32 +0200 |
commit | dc4a984d2ee54dc51ecee2b4ff8a807dd75976ed (patch) | |
tree | 2a9b2d0d38c46af6198af3af6006b7b345f40cdd | |
parent | 5171f6a8eb1c421b88b4d2ae7e0cb2cd069a942d (diff) |
Reserve DLA-3805-1 for qtbase-opensource-src
-rw-r--r-- | data/CVE/list | 7 | ||||
-rw-r--r-- | data/DLA/list | 3 |
2 files changed, 3 insertions, 7 deletions
diff --git a/data/CVE/list b/data/CVE/list index 79f43e43ec..1334794ef3 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -31267,7 +31267,6 @@ CVE-2023-51714 (An issue was discovered in the HTTP2 implementation in Qt before - qtbase-opensource-src 5.15.10+dfsg-6 (bug #1060694) [bookworm] - qtbase-opensource-src <no-dsa> (Minor issue) [bullseye] - qtbase-opensource-src <no-dsa> (Minor issue) - [buster] - qtbase-opensource-src <no-dsa> (Minor issue) - qtbase-opensource-src-gles 5.15.10+dfsg-4 (bug #1060695) [bookworm] - qtbase-opensource-src-gles <no-dsa> (Minor issue) [bullseye] - qtbase-opensource-src-gles <no-dsa> (Minor issue) @@ -56030,7 +56029,6 @@ CVE-2023-37369 (In Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x - qtbase-opensource-src 5.15.10+dfsg-3 [bookworm] - qtbase-opensource-src <no-dsa> (Minor issue) [bullseye] - qtbase-opensource-src <no-dsa> (Minor issue) - [buster] - qtbase-opensource-src <no-dsa> (Minor issue) - qt4-x11 <removed> NOTE: https://www.qt.io/blog/security-advisory-qxmlstreamreader NOTE: https://codereview.qt-project.org/c/qt/qtbase/+/455027 @@ -57800,7 +57798,6 @@ CVE-2023-38197 (An issue was discovered in Qt before 5.15.15, 6.x before 6.2.10, - qtbase-opensource-src 5.15.10+dfsg-3 (bug #1041105) [bookworm] - qtbase-opensource-src <no-dsa> (Minor issue) [bullseye] - qtbase-opensource-src <no-dsa> (Minor issue) - [buster] - qtbase-opensource-src <no-dsa> (Minor issue) - qt4-x11 <removed> NOTE: https://www.qt.io/blog/security-advisory-qxmlstreamreader-1 NOTE: https://codereview.qt-project.org/c/qt/qtbase/+/488960 @@ -64088,7 +64085,6 @@ CVE-2023-33285 (An issue was discovered in Qt 5.x before 5.15.14, 6.x before 6.2 [bookworm] - qt6-base <no-dsa> (Minor issue) - qtbase-opensource-src 5.15.8+dfsg-11 [bullseye] - qtbase-opensource-src <no-dsa> (Minor issue) - [buster] - qtbase-opensource-src <no-dsa> (Minor issue) - qtbase-opensource-src-gles 5.15.10+dfsg-2 [bookworm] - qtbase-opensource-src-gles <no-dsa> (Minor issue) [bullseye] - qtbase-opensource-src-gles <no-dsa> (Minor issue) @@ -64260,7 +64256,6 @@ CVE-2023-32763 (An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, - qt6-base 6.4.2+dfsg-8 - qtbase-opensource-src 5.15.8+dfsg-10 [bullseye] - qtbase-opensource-src <no-dsa> (Minor issue) - [buster] - qtbase-opensource-src <no-dsa> (Minor issue) - qtbase-opensource-src-gles 5.15.8+dfsg-3 (bug #1036702) [bullseye] - qtbase-opensource-src-gles <no-dsa> (Minor issue) - qt4-x11 <removed> @@ -64273,7 +64268,6 @@ CVE-2023-32762 (An issue was discovered in Qt before 5.15.14, 6.x before 6.2.9, - qt6-base 6.4.2+dfsg-9 - qtbase-opensource-src 5.15.8+dfsg-10 [bullseye] - qtbase-opensource-src <no-dsa> (Minor issue) - [buster] - qtbase-opensource-src <postponed> (Can wait for next upload) - qtbase-opensource-src-gles <not-affected> (Not built in GLES variant) NOTE: https://github.com/qt/qtbase/commit/1b736a815be0222f4b24289cf17575fc15707305 CVE-2023-34408 (DokuWiki before 2023-04-04a allows XSS via RSS titles.) @@ -86282,7 +86276,6 @@ CVE-2022-48286 (The multi-screen collaboration module has a privilege escalation CVE-2023-24607 (Qt before 6.4.3 allows a denial of service via a crafted string when t ...) - qtbase-opensource-src 5.15.8+dfsg-3 (bug #1031872) [bullseye] - qtbase-opensource-src <no-dsa> (Minor issue) - [buster] - qtbase-opensource-src <no-dsa> (Minor issue) - qt6-base 6.4.2+dfsg-7 (bug #1031871) - qtbase-opensource-src-gles <not-affected> (GLES build only ships libqt5gui5, not the DB modules, see #1031873) NOTE: https://www.qt.io/blog/security-advisory-qt-sql-odbc-driver-plugin diff --git a/data/DLA/list b/data/DLA/list index 012041f151..e92fb6182c 100644 --- a/data/DLA/list +++ b/data/DLA/list @@ -1,3 +1,6 @@ +[01 May 2024] DLA-3805-1 qtbase-opensource-src - security update + {CVE-2023-24607 CVE-2023-32762 CVE-2023-32763 CVE-2023-33285 CVE-2023-37369 CVE-2023-38197 CVE-2023-51714} + [buster] - qtbase-opensource-src 5.11.3+dfsg1-1+deb10u6 [30 Apr 2024] DLA-3804-1 nghttp2 - security update {CVE-2024-28182} [buster] - nghttp2 1.36.0-2+deb10u3 |