[Secure-testing-team] [Secure-testing-commits] r12073 - data/CVE

Luciano Bello luciano at debian.org
Wed Jun 10 22:25:52 UTC 2009

El Lun 08 Jun 2009, Michael S. Gilbert escribió:
> > Modified:
> >    data/CVE/list
> > Log:
> > CVE-2009-0945 NOT-FOR-US
> are you sure about this?  most of the advisories say it is indeed
> webkit-specific, but i can't determine whether this is true or not
> since the the bug report is currently blocked [1].
> [1] https://bugs.webkit.org/show_bug.cgi?id=24730

You are totally right. In fact, the PoC provokes a segfault in our libqt4-webkit (tested with 4.5.1-2).

This IS for us, we are affected and it is an <unfixed>.

I'm really sorry, I already fixed data/CVE/list.

thanks, luciano.

More information about the Secure-testing-team mailing list