[Development] New Qt vulnerabilities

Thiago Macieira thiago.macieira at intel.com
Thu Jan 30 19:56:18 CET 2020

On Thursday, 30 January 2020 09:16:19 PST Olivier Goffart wrote:
> > I actually found that the patch applies to 5.7, and even qt4 with the
> > proper modifications. Is there something else in the code that limits
> > the affected version or maybe it does affects older versions too?
> The patch just make sure that we don't do wrong call when the search
> prefixes contains '/'
> But before 5.12 (commit 5219c37f7c98f37f078fee00fe8ca35d83ff4f5d), there
> were no search prefixes with '/' in them.
> So no need to apply the patch in earlier versions.

Right, the patch applies but there's no vulnerability to be mitigated in the 
first place. The issue was introduced in 5.12.0 with the search for "haswell/" 

Thiago Macieira - thiago.macieira (AT) intel.com
  Software Architect - Intel System Software Products

More information about the Development mailing list