On Thursday, 14 October 2021 19:23:19 PDT lck wrote: > qt 5.12.7: > CVE-2020-24742
This one is fixed. It just got a new number because we messed up at Intel and reused the number originally used for the vulnerability. $ git -P tag --contains fa2323e37b667aaa9cd615e2a7e7421831a2bd6b v5.12.7 v5.12.8 v5.12.9 v5.12.10 v5.12.11 > CVE-2021-38593 This one was not cherry-picked to 5.12. Feel free to cherry-pick it. The links are in the NVD entry. > openssl 1.1.1d: Upgrade. NEVER, EVER ship software with OpenSSL unless it's the absolutely latest version. -- Thiago Macieira - thiago.macieira (AT) intel.com Software Architect - Intel DPG Cloud Engineering _______________________________________________ Interest mailing list Interest@qt-project.org https://lists.qt-project.org/listinfo/interest
