Re: [SECURITY] [DSA 3258-1] quassel security update

2015-05-13 Thread Salvatore Bonaccorso
Hi,

On Wed, May 13, 2015 at 07:43:47PM +0800, Paul Wise wrote:
> On Wed, May 13, 2015 at 5:26 PM, Dominic Hargreaves wrote:
>
> > As far as I can tell from
> >
> > https://security-tracker.debian.org/tracker/CVE-2013-4422
> >
> > wheezy wasn't affected by the original CVE since the version of QT

Re: [SECURITY] [DSA 3258-1] quassel security update

2015-05-13 Thread Paul Wise
On Wed, May 13, 2015 at 5:26 PM, Dominic Hargreaves wrote:
> As far as I can tell from
>
> https://security-tracker.debian.org/tracker/CVE-2013-4422
>
> wheezy wasn't affected by the original CVE since the version of QT
> there is < 4.8.5. Is that correct? If so, what's the right way to mark this

Re: [SECURITY] [DSA 3258-1] quassel security update

2015-05-13 Thread Dominic Hargreaves
On Tue, May 12, 2015 at 09:40:49PM +0200, Alessandro Ghedini wrote:
> It was discovered that the fix for CVE-2013-4422 in quassel, a
> distributed IRC client, was incomplete. This could allow remote
> attackers to inject SQL queries after a database reconnection (e.g.
> when the backend PostgreSQL