oss-sec mailing list archives
Re: CVE: Input validation failure affecting multiple KDE applications, as well as many other Qt-based applications
From: Jeff Mitchell <mitchell () kde org>
Date: Sun, 31 Jul 2011 23:00:25 -0400
On 07/29/2011 03:53 PM, Josh Bressers wrote:
OK, this one is going to get messy. If you folks want to keep this under embargo, please contact me in private for IDs (I don't want to try and keep track on a public list, I'm already unsure what all needs IDs). If this isn't terribly serious, it may make the most sense to publish details so we can figure out how many IDs are needed.
Hi Josh, As patches are either being worked on currently or finished for the various affected products that we're aware of, I think we'll get those committed, give the packagers a 48-hour heads-up, and then we'll just put the details on this list. Then you can assign CVEs as appropriate and we can reference those in the various security advisories. Does that sound good? Thanks, Jeff
Current thread:
- CVE: Input validation failure affecting multiple KDE applications, as well as many other Qt-based applications Jeff Mitchell (Jul 25)
- Re: CVE: Input validation failure affecting multiple KDE applications, as well as many other Qt-based applications Steven M. Christey (Jul 27)
- Re: CVE: Input validation failure affecting multiple KDE applications, as well as many other Qt-based applications Jeff Mitchell (Jul 28)
- Re: CVE: Input validation failure affecting multiple KDE applications, as well as many other Qt-based applications Josh Bressers (Jul 29)
- Re: CVE: Input validation failure affecting multiple KDE applications, as well as many other Qt-based applications Jeff Mitchell (Jul 31)
- Re: CVE: Input validation failure affecting multiple KDE applications, as well as many other Qt-based applications Jeff Mitchell (Jul 28)
- Re: CVE: Input validation failure affecting multiple KDE applications, as well as many other Qt-based applications Steven M. Christey (Jul 27)