[Secure-testing-team] [Secure-testing-commits] r12073 - data/CVE
Michael S. Gilbert
michael.s.gilbert at gmail.com
Wed Jun 10 22:33:33 UTC 2009
On Wed, 10 Jun 2009 19:25:52 -0300, Luciano Bello wrote:
> El Lun 08 Jun 2009, Michael S. Gilbert escribió:
> > > Modified:
> > > data/CVE/list
> > > Log:
> > > CVE-2009-0945 NOT-FOR-US
> >
> > are you sure about this? most of the advisories say it is indeed
> > webkit-specific, but i can't determine whether this is true or not
> > since the the bug report is currently blocked [1].
> >
> > [1] https://bugs.webkit.org/show_bug.cgi?id=24730
>
> You are totally right. In fact, the PoC provokes a segfault in our libqt4-webkit (tested with 4.5.1-2).
>
> This IS for us, we are affected and it is an <unfixed>.
>
> I'm really sorry, I already fixed data/CVE/list.
no problem. thanks for checking. what about plain-old gtk wekbit?
mike
More information about the Secure-testing-team
mailing list