SciLinux: CVE-2007-0242 qt SL5.x, SL4.x, SL3,x i386/x86_64

Date:         Thu, 13 Sep 2007 15:30:47 -0500
Reply-To:     Troy Dawson 
Sender:       Security Errata for Scientific Linux
              
From:         Troy Dawson 
Subject:      Security ERRATA for qt on SL5.x, SL4.x, SL3,x i386/x86_64
Comments: To: scientific-linux-errata@fnal.gov

Synopsis:	Important: qt security update
Issue date:	2007-09-13
CVE Names:	CVE-2007-0242 CVE-2007-4137

A flaw was found in the way Qt expanded certain UTF8 characters. It was
possible to prevent a Qt-based application from properly sanitizing user
supplied input. This could, for example, result in a cross-site scripting
attack against the Konqueror web browser. (CVE-2007-0242)

A buffer overflow flaw was found in the way Qt expanded malformed Unicode
strings. If an application linked against Qt parsed a malicious Unicode
string, it could lead to a denial of service or possibly allow the
execution of arbitrary code. (CVE-2007-4137)

SL 3.0.x

   SRPMS:
	qt-3.1.2-17.RHEL3.src.rpm
   i386:
	qt-3.1.2-17.RHEL3.i386.rpm
	qt-config-3.1.2-17.RHEL3.i386.rpm
	qt-designer-3.1.2-17.RHEL3.i386.rpm
	qt-devel-3.1.2-17.RHEL3.i386.rpm
	qt-MySQL-3.1.2-17.RHEL3.i386.rpm
	qt-ODBC-3.1.2-17.RHEL3.i386.rpm
	qt-PostgreSQL-3.1.2-17.RHEL3.i386.rpm
   x86_64:
	qt-3.1.2-17.RHEL3.i386.rpm
	qt-3.1.2-17.RHEL3.x86_64.rpm
	qt-config-3.1.2-17.RHEL3.x86_64.rpm
	qt-designer-3.1.2-17.RHEL3.x86_64.rpm
	qt-devel-3.1.2-17.RHEL3.x86_64.rpm
	qt-MySQL-3.1.2-17.RHEL3.x86_64.rpm
	qt-ODBC-3.1.2-17.RHEL3.x86_64.rpm
	qt-PostgreSQL-3.1.2-17.RHEL3.x86_64.rpm

SL 4.x

   SRPMS:
	qt-3.3.3-13.RHEL4.src.rpm
   i386:
	qt-3.3.3-13.RHEL4.i386.rpm
	qt-config-3.3.3-13.RHEL4.i386.rpm
	qt-designer-3.3.3-13.RHEL4.i386.rpm
	qt-devel-3.3.3-13.RHEL4.i386.rpm
	qt-MySQL-3.3.3-13.RHEL4.i386.rpm
	qt-ODBC-3.3.3-13.RHEL4.i386.rpm
	qt-PostgreSQL-3.3.3-13.RHEL4.i386.rpm
   x86_64:
	qt-3.3.3-13.RHEL4.i386.rpm
	qt-3.3.3-13.RHEL4.x86_64.rpm
	qt-config-3.3.3-13.RHEL4.x86_64.rpm
	qt-designer-3.3.3-13.RHEL4.x86_64.rpm
	qt-devel-3.3.3-13.RHEL4.x86_64.rpm
	qt-MySQL-3.3.3-13.RHEL4.x86_64.rpm
	qt-ODBC-3.3.3-13.RHEL4.x86_64.rpm
	qt-PostgreSQL-3.3.3-13.RHEL4.x86_64.rpm

SL 5.x

   SRPMS:
	qt-3.3.6-23.el5.src.rpm
   i386:
	qt-3.3.6-23.el5.i386.rpm
	qt-config-3.3.6-23.el5.i386.rpm
	qt-designer-3.3.6-23.el5.i386.rpm
	qt-devel-3.3.6-23.el5.i386.rpm
	qt-devel-docs-3.3.6-23.el5.i386.rpm
	qt-MySQL-3.3.6-23.el5.i386.rpm
	qt-ODBC-3.3.6-23.el5.i386.rpm
	qt-PostgreSQL-3.3.6-23.el5.i386.rpm
   x86_64:
	qt-3.3.6-23.el5.i386.rpm
	qt-3.3.6-23.el5.x86_64.rpm
	qt-config-3.3.6-23.el5.x86_64.rpm
	qt-designer-3.3.6-23.el5.x86_64.rpm
	qt-devel-3.3.6-23.el5.i386.rpm
	qt-devel-3.3.6-23.el5.x86_64.rpm
	qt-devel-docs-3.3.6-23.el5.x86_64.rpm
	qt-MySQL-3.3.6-23.el5.x86_64.rpm
	qt-ODBC-3.3.6-23.el5.x86_64.rpm
	qt-PostgreSQL-3.3.6-23.el5.x86_64.rpm

-Connie Sieh
-Troy Dawson

Date: Thu, 13 Sep 2007 15:30:47 -0500Reply-To: Troy Dawson Sender: Security Errata for Scientific Linux From: Troy Dawson Subject: Security ERRATA for qt on SL5.x, SL4.x, SL3,x i386/x86_64Comments: To: scientific-linux-errata@fnal.govSynopsis: Important: qt security updateIssue date: 2007-09-13CVE Names: CVE-2007-0242 CVE-2007-4137A flaw was found in the way Qt expanded certain UTF8 characters. It waspossible to prevent a Qt-based application from properly sanitizing usersupplied input. This could, for example, result in a cross-site scriptingattack against the Konqueror web browser. (CVE-2007-0242)A buffer overflow flaw was found in the way Qt expanded malformed Unicodestrings. If an application linked against Qt parsed a malicious Unicodestring, it could lead to a denial of service or possibly allow theexecution of arbitrary code. (CVE-2007-4137)SL 3.0.x SRPMS: qt-3.1.2-17.RHEL3.src.rpm i386: qt-3.1.2-17.RHEL3.i386.rpm qt-config-3.1.2-17.RHEL3.i386.rpm qt-designer-3.1.2-17.RHEL3.i386.rpm qt-devel-3.1.2-17.RHEL3.i386.rpm qt-MySQL-3.1.2-17.RHEL3.i386.rpm qt-ODBC-3.1.2-17.RHEL3.i386.rpm qt-PostgreSQL-3.1.2-17.RHEL3.i386.rpm x86_64: qt-3.1.2-17.RHEL3.i386.rpm qt-3.1.2-17.RHEL3.x86_64.rpm qt-config-3.1.2-17.RHEL3.x86_64.rpm qt-designer-3.1.2-17.RHEL3.x86_64.rpm qt-devel-3.1.2-17.RHEL3.x86_64.rpm qt-MySQL-3.1.2-17.RHEL3.x86_64.rpm qt-ODBC-3.1.2-17.RHEL3.x86_64.rpm qt-PostgreSQL-3.1.2-17.RHEL3.x86_64.rpmSL 4.x SRPMS: qt-3.3.3-13.RHEL4.src.rpm i386: qt-3.3.3-13.RHEL4.i386.rpm qt-config-3.3.3-13.RHEL4.i386.rpm qt-designer-3.3.3-13.RHEL4.i386.rpm qt-devel-3.3.3-13.RHEL4.i386.rpm qt-MySQL-3.3.3-13.RHEL4.i386.rpm qt-ODBC-3.3.3-13.RHEL4.i386.rpm qt-PostgreSQL-3.3.3-13.RHEL4.i386.rpm x86_64: qt-3.3.3-13.RHEL4.i386.rpm qt-3.3.3-13.RHEL4.x86_64.rpm qt-config-3.3.3-13.RHEL4.x86_64.rpm qt-designer-3.3.3-13.RHEL4.x86_64.rpm qt-devel-3.3.3-13.RHEL4.x86_64.rpm qt-MySQL-3.3.3-13.RHEL4.x86_64.rpm qt-ODBC-3.3.3-13.RHEL4.x86_64.rpm qt-PostgreSQL-3.3.3-13.RHEL4.x86_64.rpmSL 5.x SRPMS: qt-3.3.6-23.el5.src.rpm i386: qt-3.3.6-23.el5.i386.rpm qt-config-3.3.6-23.el5.i386.rpm qt-designer-3.3.6-23.el5.i386.rpm qt-devel-3.3.6-23.el5.i386.rpm qt-devel-docs-3.3.6-23.el5.i386.rpm qt-MySQL-3.3.6-23.el5.i386.rpm qt-ODBC-3.3.6-23.el5.i386.rpm qt-PostgreSQL-3.3.6-23.el5.i386.rpm x86_64: qt-3.3.6-23.el5.i386.rpm qt-3.3.6-23.el5.x86_64.rpm qt-config-3.3.6-23.el5.x86_64.rpm qt-designer-3.3.6-23.el5.x86_64.rpm qt-devel-3.3.6-23.el5.i386.rpm qt-devel-3.3.6-23.el5.x86_64.rpm qt-devel-docs-3.3.6-23.el5.x86_64.rpm qt-MySQL-3.3.6-23.el5.x86_64.rpm qt-ODBC-3.3.6-23.el5.x86_64.rpm qt-PostgreSQL-3.3.6-23.el5.x86_64.rpm-Connie Sieh-Troy Dawson

SciLinux: CVE-2007-0242 qt SL5.x, SL4.x, SL3,x i386/x86_64

Summary

Security Fixes

Related News

Get the Latest News & Insights

News

Advisories

HOWTOs

Features

About Us

Powered By