-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Michael Gilbert escreveu: > On 5/6/08, Michael Gilbert wrote: >> i believe that this is actually an issue with webkit itself, not the >> libqt4-webkit package (which uses webkit as a library). CVE-2008-1025 >> seems to indicate that the issue is wholely within webkit (there is no >> mention of qt). > > i am mistaken, it looks like qt4-x11 duplicates the webkit source > code, rather than relying on it as a library, which in my opinion is > certainly not a very good approach. please ignore the previous > message. > >
Dear Michael, Yes, in fact qt4-x11 duplicates the webkit source code, and this is not a good approach. For you information, the webkit source package in sid was fixed since version 0~svn31841-1. Kind regards, - -- Eder L. Marques Just another weekend hacker http://blog.edermarques.net/ | http://www.debian.org/ http://administrando.net/ | http://www.debianbrasil.org/ http://www.fsfla.org/ | http://www.debian-ce.org/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iQIVAwUBSCD0pz9tnxvLkedtAQJgmhAAlQZfhu67/t220pxE7AHNvR8yR/sLPuYG IgjlVqnU7LP+xDgKYs4F/x/kidOMor4zh2LzBNZMwji/be5PIZJlXKOJviKlupgi Z5GRqRA/+x9cZ0HryTESw819BC5MdaQau1touX7ZWwYSkDlyZ7aUTeXzfRWE7QnW aPSVWJLSsGyQUMiM5RJuqAP2pD7F+pnt7XbHnXs+Kgr9Z+RGjxYlmtcqSme1DTTP otwOpW8KdGAdVCiFZhiSDX3VG4T2RmBn+s73eLIh293mEBLK3RFCJHlYgLCfRpsV CVnVNkk7/I2klGd5+fX8Qfj4bWpWwPfotY+q7M8PlKQtiAYP/uxVqOU3UgmKffNE kyKsFoqydvEanBpFHS94MQzmaQWE+k7JmEf3HxkSL8cTGZUGo75rJ5UuuRqK/Yqh YlyMX87Kjej/Bb7x6cw1krjQvh8X3YLS0cpAPdOp/yX2rHhBqkC1rm2JOL4YU5Qc BzOf0mui/YI6h7DStj7dWo9OCXZYtTB0QY189qlOxlcCiKQs+garDxMjZzaODcgI JsZIrK6FiYEndhc9qVSRp82dut0EGMICXpg1ZK2ZyBHnkaqkDDKnan1BWAdiH5OP 5Sm9mu91lnd4sDCdi/PHDRsFU4Z+61BHDPNIb4499XcPQ9TP7RpMjHKn0IbdZYDj WF9V+7h2P3c= =hgHz -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
