| lisandro | do you still have qtbae 5.11 around? | 21:17 |
|---|---|---|
| lisandro | CVE-2020-17507 was marked as present starting from 5.12, but I really think it applies to 5.11 too | 21:17 |
| ubottu | An issue was discovered in Qt through 5.12.9, and 5.13.x through 5.15.x before 5.15.1. read_xbm_body in gui/image/qxbmhandler.cpp has a buffer over-read. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17507) | 21:17 |
| lisandro | nice bot :-) | 21:17 |
| lisandro | I think it was marked as starting from 5.12 because it's the latest LTS... | 21:18 |
| lisandro | on the other hand I do not think CVE-2020-13962 applies, but a second pair of eyes will surely be a great thing | 21:18 |
| ubottu | Qt 5.12.2 through 5.14.2, as used in unofficial builds of Mumble 1.3.0 and other products, mishandles OpenSSL's error queue, which can cause a denial of service to QSslSocket users. Because errors leak in unrelated TLS sessions, an unrelated session may be disconnected when any handshake fails. (Mumble 1.3.1 is not affected, regardless of the Qt version.) (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13962) | 21:18 |
| lisandro | and sorry if you don't have 5.11 around and I'm just making noise! | 21:19 |
| lisandro | <lisandro> do you still have qtbae 5.11 around? ← qbase | 21:19 |
| lisandro | argh | 21:19 |
| * lisandro does a lots of typos and this keyboard does not helps | 21:19 | |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!