[Interest] Qt and OpenSSL Vuluerabilities Impact on Qt Insteller Framework
Thiago Macieira
thiago.macieira at intel.com
Fri Oct 15 05:05:41 CEST 2021
On Thursday, 14 October 2021 19:23:19 PDT lck wrote:
> qt 5.12.7:
> CVE-2020-24742
This one is fixed. It just got a new number because we messed up at Intel and
reused the number originally used for the vulnerability.
$ git -P tag --contains fa2323e37b667aaa9cd615e2a7e7421831a2bd6b
v5.12.7
v5.12.8
v5.12.9
v5.12.10
v5.12.11
> CVE-2021-38593
This one was not cherry-picked to 5.12. Feel free to cherry-pick it. The links
are in the NVD entry.
> openssl 1.1.1d:
Upgrade. NEVER, EVER ship software with OpenSSL unless it's the absolutely
latest version.
--
Thiago Macieira - thiago.macieira (AT) intel.com
Software Architect - Intel DPG Cloud Engineering
More information about the Interest
mailing list