Hi Nico, On Sun, Nov 18, 2007 at 05:52:10PM +0100, Nico Golde wrote: > Package: konqueror > Severity: important > > Hi, > the following CVE (Common Vulnerabilities & Exposures) id was > published for konqueror. > > CVE-2007-6000[0]: > | KDE Konqueror 3.5.6 and earlier allows remote attackers to cause a > | denial of service (crash) via large HTTP cookie parameters. > > If you fix this vulnerability please also include the CVE id > in your changelog entry. > > At the moment we didn't rate this bug as a security concern, > please check back with upstream. > > For further information: > [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6000
The real bug here is in Qt3, that is not being fixed anymore by upstream (working now in Qt4). The bug is not considered a serious security concern and it surely won't be fixed. Ana -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
