Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 0 articles for you...
89
security advisorymoderatefedoraUbuntu 21.10: 2021-5f270d7a6b High: Python Input Validation Flaw
CVE-2020-24741, Do not attempt to load a library relative to $PWD. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2021-4b190fd271 2021-10-29 22:48:33.392283 --------------------------------------------------------------------------------Name : qt Product : Fedora 35 Version : 4.8.7 Release : 65.fc35 URL : https://contribute.qt-project.org/ Summary : Qt toolkit Description : Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling. --------------------------------------------------------------------------------Update Information: CVE-2020-24741, Do not attempt to load a library relative to $PWD --------------------------------------------------------------------------------ChangeLog: * Tue Oct 12 2021 Than Ngo - 1:4.8.7-65 - CVE-2020-24741, Do not attempt to load a library relative to $PWD * Tue Sep 14 2021 Sahana Prasad - 1:4.8.7-64 - Rebuilt with OpenSSL 3.0.0 * Thu Jul 29 2021 Than Ngo - 4.8.7-63 - Fixed FTBFS against firebird-4.0.0 --------------------------------------------------------------------------------References: [ 1 ] Bug #1993132 - CVE-2020-24741 qt: QLibrary loads libraries relative to CWD which could result in arbitrary code execution https://bugzilla.redhat.com/show_bug.cgi?id=1993132 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-4b190fd271' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Oct 29, 2021
Fedora
89
security advisoryfedoraupdateFedora 34 2021-613052e94d Critical: Qt Out Of Bounds Risk
An out of bounds read in function QRadialFetchSimd from crafted svg file may lead to information disclosure or other potential consequences. This update includes the backported upstream fix and should resolve the security issue.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2021-613052e94d 2021-03-25 00:15:39.359229 --------------------------------------------------------------------------------Name : qt Product : Fedora 34 Version : 4.8.7 Release : 60.fc34 URL : https://contribute.qt-project.org/ Summary : Qt toolkit Description : Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling. --------------------------------------------------------------------------------Update Information: An out of bounds read in function QRadialFetchSimd from crafted svg file may lead to information disclosure or other potential consequences. This update includes the backported upstream fix and should resolve the security issue. --------------------------------------------------------------------------------ChangeLog: * Tue Mar 9 2021 Than Ngo - 4.8.7-60 - Resolves: #1931444, Clamp parsed doubles to float representable values --------------------------------------------------------------------------------References: [ 1 ] Bug #1931444 - qt: Out of bounds read in function QRadialFetchSimd from crafted svg file https://bugzilla.redhat.com/show_bug.cgi?id=1931444 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-613052e94d' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project canbe found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Mar 24, 2021
•Critical
Fedora
197
security advisorydebianbuffer over-readDebian: DLA-2376-1 Critical: Qt Toolkit Image Crash Fix
Several vulnerabilities were fixed in the Qt toolkit. CVE-2018-19872 . - ------------------------------------------------------------------------- Debian LTS Advisory DLA-2376-1
Sep 28, 2020
•Critical
Debian LTS
89
security advisoryupdatebuffer overflowFedora 32: FEDORA-2020-b8091188d0 Medium: qt Buffer Over-Read
Security fix for CVE-2020-17507. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2020-b8091188d0 2020-08-16 01:04:33.325392 --------------------------------------------------------------------------------Name : qt Product : Fedora 32 Version : 4.8.7 Release : 55.fc32 URL : https://contribute.qt-project.org/ Summary : Qt toolkit Description : Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling. --------------------------------------------------------------------------------Update Information: Security fix for CVE-2020-17507 --------------------------------------------------------------------------------ChangeLog: * Thu Aug 13 2020 Than Ngo - 4.8.7-55 - fixed #1868534 - CVE-2020-17507 * Wed Jul 29 2020 Fedora Release Engineering - 1:4.8.7-54 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Wed Jul 1 2020 Jeff Law - 4.8.7-53 - Disable LTO --------------------------------------------------------------------------------References: [ 1 ] Bug #1868532 - CVE-2020-17507 qt: buffer over-read in read_xbm_body in gui/image/qxbmhandler.cpp https://bugzilla.redhat.com/show_bug.cgi?id=1868532 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-b8091188d0' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list
Aug 15, 2020
•Medium
Fedora
89
security advisorycriticalFedoraFedora 21: FEDORA-2015-6252 Critical: qt Segmentation Faults
Security fix for CVE-2015-1859, CVE-2015-1858, CVE-2015-1860. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2015-6252 2015-04-18 05:38:14 -------------------------------------------------------------------------------- Name : qt Product : Fedora 21 Version : 4.8.6 Release : 28.fc21 URL : https://contribute.qt-project.org/ Summary : Qt toolkit Description : Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling. -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2015-1859, CVE-2015-1858, CVE-2015-1860 -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 13 2015 Than Ngo - 1:4.8.6-28 - bz#1210677, CVE-2015-1860 CVE-2015-1859 CVE-2015-1858 * Thu Mar 26 2015 Richard Hughes - 1:4.8.6-27 - Add an AppData file for the software center * Fri Mar 20 2015 Rex Dieter 1:4.8.6-26 - macros.qt4: fix _qt4_evr macro (missing : after epoch) * Fri Feb 27 2015 Rex Dieter 1:4.8.6-25 - DoS vulnerability in the BMP image handler (CVE-2015-0295) * Mon Feb 16 2015 Rex Dieter 1:4.8.6-24 - more gcc5 detection fixes, in particular, ensure same QT_BUILD_KEY as gcc4 for now * Fri Feb 13 2015 Rex Dieter - 1:4.8.6-23 - Qt: FTBFS with gcc5 (#1192464) - Make Adwaita the default theme for applications running in the GNOME DE (#1192453) * Wed Feb 11 2015 Rex Dieter 1:4.8.6-22 - rebuild (gcc5) * Thu Jan 29 2015 Rex Dieter 1:4.8.6-21 - refresh boost/moc patch (QTBUG-22829) * Sun Jan 18 2015 Rex Dieter 1:4.8.6-20 - fix %pre scriptlet (#1183299) * Sat Jan 17 2015 Rex Dieter 1:4.8.6-19 - ship /etc/xdg/qtchooser/4.conf alternative instead (of qt4.conf) * Wed Nov 26 2014 Rex Dieter 1:4.8.6-18 - omit previously-overlooked webkit bits (#1168259) * Sun Nov 9 2014 Rex Dieter 1:4.8.6-17 - Broken qmake_qt4 in /usr/lib/rpm/macros.d/macros.qt4(#1161927) * Mon Nov 3 2014 Rex Dieter 1:4.8.6-16 - macros.qt4: standalone, improved %qmake_qt4 macro (sync'd with qt5 version) * Sat Nov 1 2014 Kevin Kofler - 1:4.8.6-15 - sync system-clucene patch from qt5-qttools (some QDir::mkpath in QtCLucene) * Sun Oct 26 2014 Kevin Kofler - 1:4.8.6-14 - build against the system clucene09-core (same patch as for qt5-qttools) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1210673 - CVE-2015-1858 qt: segmentation fault in qbmphandler.cpp https://bugzilla.redhat.com/show_bug.cgi?id=1210673 [ 2 ] Bug #1210674 - CVE-2015-1859 qt: segmentation fault in qicohandler.cpp https://bugzilla.redhat.com/show_bug.cgi?id=1210674 [ 3 ] Bug #1210675 - CVE-2015-1860 qt: segmentation fault in qgifhandler.cpp https://bugzilla.redhat.com/show_bug.cgi?id=1210675 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update qt' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list
Apr 30, 2015
•Critical
Fedora
89
security advisorysecurity updatesecurity issueFedora: 11 FEDORA-2009-9231 Moderate: Qt SSL Certificate Issue
security fix for CVE-2009-2700. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2009-9231 2009-09-03 00:09:58 --------------------------------------------------------------------------------Name : qt Product : Fedora 11 Version : 4.5.2 Release : 3.fc11 URL : https://qtsoftware.info/?v=0b3b97fa6688 Summary : Qt toolkit Description : Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling. --------------------------------------------------------------------------------Update Information: security fix for CVE-2009-2700 --------------------------------------------------------------------------------ChangeLog: * Mon Aug 31 2009 Than Ngo - 4.5.2-3 - fix for CVE-2009-2700 * Tue Aug 18 2009 Than Ngo - 4.5.2-2 - security fix for CVE-2009-1725 * Tue Aug 18 2009 Rex Dieter 4.5.2-1.2 - kde-qt: 287-qmenu-respect-minwidth - kde-qt: 0288-more-x-keycodes (#475247) * Wed Aug 5 2009 Rex Dieter 4.5.2-1.1 - use linker scripts for _debug targets (#510246) - apply upstream patch to fix issue in Copy and paste - optimize (icon-mostly) scriptlets - -x11: Requires(post,postun): /sbin/ldconfig * Thu Jul 2 2009 Than Ngo - 4.5.2-1 - 4.5.2 * Sat May 30 2009 Rex Dieter - 4.5.1-13 - -doc: Obsoletes: qt-doc < 1:4.5.1-4 (workaround bug #502401) * Sat May 23 2009 Rex Dieter - 4.5.1-12 - +phonon_internal macro to toggle packaging of qt's phonon (default off) * Fri May 22 2009 Rex Dieter - 4.5.1-11 - qt-copy-patches-20090522 * Wed May 20 2009 Rex Dieter - 4.5.1-10.2 - full (non-bootstrap) build * Wed May 20 2009 Rex Dieter - 4.5.1-10.1 - allow for minimal bootstrap build (*cough* arm *cough*) * Wed May 6 2009 Rex Dieter - 4.5.1-10 - improved kde4_plugins patch, skip expensive/unneeded canonicalPath * Wed May 6 2009 Rex Dieter - 4.5.1-9 - include kde4 plugin path by default (#498809) * Mon May 4 2009Rex Dieter - 4.5.1-8 - fix invalid assumptions about mysql_config --libs (bug #440673) - fix %files breakage from 4.5.1-5 * Wed Apr 29 2009 Rex Dieter - 4.5.1-7 - -devel: Provides: qt4-devel%{?_isa} ... * Mon Apr 27 2009 Than Ngo - 4.5.1-6 - drop useless hunk of qt-x11-opensource-src-4.5.1-enable_ft_lcdfilter.patch * Mon Apr 27 2009 Rex Dieter - 4.5.1-5 - -devel: Provides: *-static for libQtUiTools.a * Fri Apr 24 2009 Rex Dieter - 4.5.1-4 - qt-doc noarch - qt-demos, qt-examples (split from -doc) - (cosmetic) re-order subpkgs in alphabetical order - drop unused profile.d bits * Fri Apr 24 2009 Rex Dieter - 4.5.1-3 - enable FT_LCD_FILTER (uses freetype subpixel filters if available at runtime) * Fri Apr 24 2009 Than Ngo - 4.5.1-2 - apply upstream patch to fix the svg rendering regression * Thu Apr 23 2009 Than Ngo - 4.5.1-1 - 4.5.1 --------------------------------------------------------------------------------References: [ 1 ] Bug #520435 - CVE-2009-2700 Qt: QSslCertificate incorrect verification of SSL certificate with NUL in subjectAltName https://bugzilla.redhat.com/show_bug.cgi?id=520435 --------------------------------------------------------------------------------This update can be installed with the "yum" update program. Use su -c 'yum update qt' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ Fedora-package-announce mailing list
Sep 02, 2009
Fedora
89
security advisoryfedorasoftware patchFedora 10: 2009-9232 Critical Update for Qt 4.5.2 DoS Fix
security fix for CVE-2009-2700. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2009-9232 2009-09-03 00:09:58 --------------------------------------------------------------------------------Name : qt Product : Fedora 10 Version : 4.5.2 Release : 3.fc10 URL : https://qtsoftware.info/?v=0b3b97fa6688 Summary : Qt toolkit Description : Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling. --------------------------------------------------------------------------------Update Information: security fix for CVE-2009-2700 --------------------------------------------------------------------------------ChangeLog: * Mon Aug 31 2009 Than Ngo - 4.5.2-3 - fix for CVE-2009-2700 * Tue Aug 18 2009 Than Ngo - 4.5.2-2 - security fix for CVE-2009-1725 * Tue Aug 18 2009 Rex Dieter 4.5.2-1.2 - kde-qt: 287-qmenu-respect-minwidth - kde-qt: 0288-more-x-keycodes (#475247) * Wed Aug 5 2009 Rex Dieter 4.5.2-1.1 - use linker scripts for _debug targets (#510246) - apply upstream patch to fix issue in Copy and paste - optimize (icon-mostly) scriptlets - -x11: Requires(post,postun): /sbin/ldconfig * Thu Jul 2 2009 Than Ngo - 4.5.2-1 - 4.5.2 * Sat May 30 2009 Rex Dieter - 4.5.1-13 - -doc: Obsoletes: qt-doc < 1:4.5.1-4 (workaround bug #502401) * Sat May 23 2009 Rex Dieter - 4.5.1-12 - +phonon_internal macro to toggle packaging of qt's phonon (default off) * Fri May 22 2009 Rex Dieter - 4.5.1-11 - qt-copy-patches-20090522 * Wed May 20 2009 Rex Dieter - 4.5.1-10.2 - full (non-bootstrap) build * Wed May 20 2009 Rex Dieter - 4.5.1-10.1 - allow for minimal bootstrap build (*cough* arm *cough*) * Wed May 6 2009 Rex Dieter - 4.5.1-10 - improved kde4_plugins patch, skip expensive/unneeded canonicalPath * Wed May 6 2009 Rex Dieter - 4.5.1-9 - include kde4 plugin path by default (#498809) * Mon May 4 2009Rex Dieter - 4.5.1-8 - fix invalid assumptions about mysql_config --libs (bug #440673) - fix %files breakage from 4.5.1-5 * Wed Apr 29 2009 Rex Dieter - 4.5.1-7 - -devel: Provides: qt4-devel%{?_isa} ... * Mon Apr 27 2009 Than Ngo - 4.5.1-6 - drop useless hunk of qt-x11-opensource-src-4.5.1-enable_ft_lcdfilter.patch * Mon Apr 27 2009 Rex Dieter - 4.5.1-5 - -devel: Provides: *-static for libQtUiTools.a * Fri Apr 24 2009 Rex Dieter - 4.5.1-4 - qt-doc noarch - qt-demos, qt-examples (split from -doc) - (cosmetic) re-order subpkgs in alphabetical order - drop unused profile.d bits * Fri Apr 24 2009 Rex Dieter - 4.5.1-3 - enable FT_LCD_FILTER (uses freetype subpixel filters if available at runtime) * Fri Apr 24 2009 Than Ngo - 4.5.1-2 - apply upstream patch to fix the svg rendering regression * Thu Apr 23 2009 Than Ngo - 4.5.1-1 - 4.5.1 * Tue Apr 14 2009 Rex Dieter - 4.5.0-14 - fix vrgb/vgbr corruption, disable QT_USE_FREETYPE_LCDFILTER (#490377) * Fri Apr 10 2009 Than Ngo - 4.5.0-13 - unneeded executable permissions for profile.d scripts * Wed Apr 1 2009 Kevin Kofler - 4.5.0-12 - fix inline asm in qatomic (de)ref (i386/x86_64), should fix Kolourpaint crash * Mon Mar 30 2009 Rex Dieter - 4.5.0-11 - qt fails to build on ia64 (#492174) * Wed Mar 25 2009 Rex Dieter - 4.5.0-10 - qt-copy-patches-20090325 * Tue Mar 24 2009 Than Ngo - 4.5.0-9 - lrelease only shows warning when duplicate messages found in *.ts( #491514) * Fri Mar 20 2009 Rex Dieter - 4.5.0-8 - qt-copy-patches-20090319 * Thu Mar 19 2009 Rex Dieter - 4.5.0-7 - include more phonon bits, attempt to fix/provide phonon bindings for qtscriptgenerator, PyQt, ... * Tue Mar 17 2009 Than Ngo - 4.5.0-6 - fix lupdate segfault (#486866) * Sat Mar 14 2009 Dennis Gilmore - 4.5.0-5 - add patch for sparc64. - _Atomic_word is not always an int * Tue Mar 10 2009 Rex Dieter - 4.5.0-4 - macros.qt4: %_qt45 - cleanup more phonon-related left-overs * Wed Mar 4 2009 Rex Dieter - 4.5.0-3 --no-phonon-backend - include qdoc3 - move designer plugins to runtime (#487622) * Tue Mar 3 2009 Rex Dieter - 4.5.0-2 - License: LGPLv2 with exceptions or GPLv3 with exceptions - BR: gstreamer-devel - drop qgtkstyle patch (no longer needed) - -x11: move libQtScriptTools here (linked with libQtGui) * Tue Mar 3 2009 Than Ngo - 4.5.0-1 - 4.5.0 * Fri Feb 27 2009 Rex Dieter - 1:4.5.0-0.8.20090224 - 20090224 snapshot - adjust pkgconfig hackery * Wed Feb 25 2009 Fedora Release Engineering - 1:4.5.0-0.7.rc1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild * Sun Feb 22 2009 Rex Dieter 4.5.0-0.5.rc1 - revert license, change won't land until official 4.5.0 release - workaround broken qhostaddress.h (#485677) - Provides: qgtkstyle = 0.1 * Fri Feb 20 2009 Rex Dieter 4.5.0-0.4.rc1 - saner versioned Obsoletes - -gtkstyle, Obsoletes: qgtkstyle < 0.1 - enable phonon support and associated hackery * Mon Feb 16 2009 Than Ngo 4.5.0-0.3.rc1 - fix callgrindChildExitCode is uninitialzed * Sun Feb 15 2009 Rex Dieter - 4.5.0-0.2.rc1 - qt-copy-patches-20090215 - License: +LGPLv2 * Wed Feb 11 2009 Than Ngo - 4.5.0-0.rc1.0 - 4.5.0 rc1 * Thu Feb 5 2009 Rex Dieter 4.4.3-16 - track branches/qt-copy/4.4, and backout previous trunk(qt45) ones * Mon Feb 2 2009 Than Ngo 4.4.3-15 - disable 0269,0270,0271 patches, it causes issue in systray * Thu Jan 29 2009 Rex Dieter - 4.4.3-14 - qt-copy-patches-20090129 * Mon Jan 26 2009 Rex Dieter - 4.4.3-13 - Provides: qt4%{?_isa} = %version-%release - add %_qt4 to macros.qt4 * Thu Jan 22 2009 Rex Dieter - 4.4.3-12 - respin (mysql) * Fri Jan 16 2009 Kevin Kofler - 4.4.3-11 - rebuild for new OpenSSL * Mon Jan 12 2009 Rex Dieter - 4.4.3-10 - drop qt-x11-opensource-src-4.3.4-no-hardcoded-font-aliases.patch (#447298), in favor of qt-copy's 0263-fix-fontconfig-handling.diff * Mon Jan 12 2009 Than Ngo - 4.4.3-9 - qt-copy-patches-20090112 * Tue Dec 30 2008 Rex Dieter 4.4.3-8 - qt-copy-patches-20081225 * FriDec 12 2008 Rex Dieter 4.4.3-7 - rebuild for pkgconfig deps * Wed Nov 12 2008 Rex Dieter 4.4.3-6 - qt-copy-patches-20081112 * Tue Nov 11 2008 Than Ngo 4.4.3-5 - drop 0256-fix-recursive-backingstore-sync-crash.diff, it's included in qt-copy-pathes-20081110 * Mon Nov 10 2008 Rex Dieter 4.4.3-4 - qt-copy-patches-20081110 * Mon Nov 10 2008 Than Ngo 4.4.3-3 - apply 0256-fix-recursive-backingstore-sync-crash.diff --------------------------------------------------------------------------------References: [ 1 ] Bug #520435 - CVE-2009-2700 Qt: QSslCertificate incorrect verification of SSL certificate with NUL in subjectAltName https://bugzilla.redhat.com/show_bug.cgi?id=520435 --------------------------------------------------------------------------------This update can be installed with the "yum" update program. Use su -c 'yum update qt' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ Fedora-package-announce mailing list
Sep 02, 2009
•Critical
Fedora
89
security advisorydenial of servicefedoraFedora 10: qt-4.5.2-2 Moderate: Memory Corruption Denial Of Service
Qt's WebKit code did not properly handle numeric character references, which could allow remote attackers to cause a denial of service (memory corruption and application crash) via a crafted HTML document. Also included is: * a fix for lib symlinks changing erroneously on upgrades * a fix for Copy and paste issues * added support for more x keycodes. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2009-8802 2009-08-20 20:33:45 -------------------------------------------------------------------------------- Name : qt Product : Fedora 10 Version : 4.5.2 Release : 2.fc10 URL : https://qtsoftware.info/?v=0b3b97fa6688 Summary : Qt toolkit Description : Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling. -------------------------------------------------------------------------------- Update Information: Qt's WebKit code did not properly handle numeric character references, which could allow remote attackers to cause a denial of service (memory corruption and application crash) via a crafted HTML document. Also included is: * a fix for lib symlinks changing erroneously on upgrades * a fix for Copy and paste issues * added support for more x keycodes -------------------------------------------------------------------------------- ChangeLog: * Tue Aug 18 2009 Than Ngo - 4.5.2-2 - security fix for CVE-2009-1725 * Tue Aug 18 2009 Rex Dieter 4.5.2-1.2 - kde-qt: 287-qmenu-respect-minwidth - kde-qt: 0288-more-x-keycodes (#475247) * Wed Aug 5 2009 Rex Dieter 4.5.2-1.1 - use linker scripts for _debug targets (#510246) - apply upstream patch to fix issue in Copy and paste - optimize (icon-mostly) scriptlets - -x11: Requires(post,postun): /sbin/ldconfig * Thu Jul 2 2009 Than Ngo - 4.5.2-1 - 4.5.2 * Sat May 30 2009 Rex Dieter - 4.5.1-13 - -doc: Obsoletes: qt-doc < 1:4.5.1-4 (workaround bug #502401) * Sat May 23 2009 Rex Dieter - 4.5.1-12 - +phonon_internal macro to toggle packaging of qt's phonon (default off) * Fri May 22 2009 Rex Dieter - 4.5.1-11 - qt-copy-patches-20090522 * Wed May 20 2009 Rex Dieter - 4.5.1-10.2 - full (non-bootstrap) build * Wed May 20 2009 Rex Dieter - 4.5.1-10.1 - allow for minimal bootstrap build (*cough* arm *cough*) * Wed May 6 2009 Rex Dieter - 4.5.1-10 - improved kde4_plugins patch, skip expensive/unneeded canonicalPath * Wed May 6 2009 Rex Dieter - 4.5.1-9 - include kde4 plugin path by default (#498809) * Mon May 4 2009 Rex Dieter - 4.5.1-8 - fix invalid assumptions about mysql_config --libs (bug #440673) - fix %files breakage from 4.5.1-5 * Wed Apr 29 2009 Rex Dieter - 4.5.1-7 - -devel: Provides: qt4-devel%{?_isa} ... * Mon Apr 27 2009 Than Ngo - 4.5.1-6 - drop useless hunk of qt-x11-opensource-src-4.5.1-enable_ft_lcdfilter.patch * Mon Apr 27 2009 Rex Dieter - 4.5.1-5 - -devel: Provides: *-static for libQtUiTools.a * Fri Apr 24 2009 Rex Dieter - 4.5.1-4 - qt-doc noarch - qt-demos, qt-examples (split from -doc) - (cosmetic) re-order subpkgs in alphabetical order - drop unused profile.d bits * Fri Apr 24 2009 Rex Dieter - 4.5.1-3 - enable FT_LCD_FILTER (uses freetype subpixel filters if available at runtime) * Fri Apr 24 2009 Than Ngo - 4.5.1-2 - apply upstream patch to fix the svg rendering regression * Thu Apr 23 2009 Than Ngo - 4.5.1-1 - 4.5.1 * Tue Apr 14 2009 Rex Dieter - 4.5.0-14 - fix vrgb/vgbr corruption, disable QT_USE_FREETYPE_LCDFILTER (#490377) * Fri Apr 10 2009 Than Ngo - 4.5.0-13 - unneeded executable permissions for profile.d scripts * Wed Apr 1 2009 Kevin Kofler - 4.5.0-12 - fix inline asm in qatomic (de)ref (i386/x86_64), should fix Kolourpaint crash * Mon Mar 30 2009 Rex Dieter - 4.5.0-11 - qt fails to build on ia64 (#492174) * Wed Mar 25 2009 Rex Dieter - 4.5.0-10 - qt-copy-patches-20090325 * Tue Mar 24 2009 Than Ngo - 4.5.0-9 - lrelease only shows warning when duplicate messages found in *.ts( #491514) * Fri Mar 20 2009 Rex Dieter -4.5.0-8 - qt-copy-patches-20090319 * Thu Mar 19 2009 Rex Dieter - 4.5.0-7 - include more phonon bits, attempt to fix/provide phonon bindings for qtscriptgenerator, PyQt, ... * Tue Mar 17 2009 Than Ngo - 4.5.0-6 - fix lupdate segfault (#486866) * Sat Mar 14 2009 Dennis Gilmore - 4.5.0-5 - add patch for sparc64. - _Atomic_word is not always an int * Tue Mar 10 2009 Rex Dieter - 4.5.0-4 - macros.qt4: %_qt45 - cleanup more phonon-related left-overs* Wed Mar 4 2009 Rex Dieter - 4.5.0-3 - -no-phonon-backend - include qdoc3 - move designer plugins to runtime (#487622) * Tue Mar 3 2009 Rex Dieter - 4.5.0-2 - License: LGPLv2 with exceptions or GPLv3 with exceptions - BR: gstreamer-devel - drop qgtkstyle patch (no longer needed) - -x11: move libQtScriptTools here (linked with libQtGui) * Tue Mar 3 2009 Than Ngo - 4.5.0-1 - 4.5.0 * Fri Feb 27 2009 Rex Dieter - 1:4.5.0-0.8.20090224 - 20090224 snapshot - adjust pkgconfig hackery * Wed Feb 25 2009 Fedora Release Engineering - 1:4.5.0-0.7.rc1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild * Sun Feb 22 2009 Rex Dieter 4.5.0-0.5.rc1 - revert license, change won't land until official 4.5.0 release - workaround broken qhostaddress.h (#485677) - Provides: qgtkstyle = 0.1 * Fri Feb 20 2009 Rex Dieter 4.5.0-0.4.rc1 - saner versioned Obsoletes - -gtkstyle, Obsoletes: qgtkstyle < 0.1 - enable phonon support and associated hackery * Mon Feb 16 2009 Than Ngo 4.5.0-0.3.rc1 - fix callgrindChildExitCode is uninitialzed * Sun Feb 15 2009 Rex Dieter - 4.5.0-0.2.rc1 - qt-copy-patches-20090215 - License: +LGPLv2 * Wed Feb 11 2009 Than Ngo - 4.5.0-0.rc1.0 - 4.5.0 rc1 * Thu Feb 5 2009 Rex Dieter 4.4.3-16 - track branches/qt-copy/4.4, and backout previous trunk(qt45) ones * Mon Feb 2 2009 Than Ngo 4.4.3-15 - disable 0269,0270,0271 patches, it causes issue in systray * Thu Jan 29 2009 Rex Dieter - 4.4.3-14 - qt-copy-patches-20090129 * Mon Jan 26 2009 Rex Dieter - 4.4.3-13 - Provides: qt4%{?_isa} = %version-%release - add %_qt4 tomacros.qt4 * Thu Jan 22 2009 Rex Dieter - 4.4.3-12 - respin (mysql) * Fri Jan 16 2009 Kevin Kofler - 4.4.3-11 - rebuild for new OpenSSL * Mon Jan 12 2009 Rex Dieter - 4.4.3-10 - drop qt-x11-opensource-src-4.3.4-no-hardcoded-font-aliases.patch (#447298), in favor of qt-copy's 0263-fix-fontconfig-handling.diff * Mon Jan 12 2009 Than Ngo - 4.4.3-9 - qt-copy-patches-20090112 * Tue Dec 30 2008 Rex Dieter 4.4.3-8 - qt-copy-patches-20081225 * Fri Dec 12 2008 Rex Dieter 4.4.3-7 - rebuild for pkgconfig deps * Wed Nov 12 2008 Rex Dieter 4.4.3-6 - qt-copy-patches-20081112 * Tue Nov 11 2008 Than Ngo 4.4.3-5 - drop 0256-fix-recursive-backingstore-sync-crash.diff, it's included in qt-copy-pathes-20081110 * Mon Nov 10 2008 Rex Dieter 4.4.3-4 - qt-copy-patches-20081110 * Mon Nov 10 2008 Than Ngo 4.4.3-3 - apply 0256-fix-recursive-backingstore-sync-crash.diff -------------------------------------------------------------------------------- References: [ 1 ] Bug #513813 - CVE-2009-1725: KHTML: improper handling of numeric character references (ACE, DoS) https://bugzilla.redhat.com/show_bug.cgi?id=513813 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update qt' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at -------------------------------------------------------------------------------- _______________________________________________ Fedora-package-announce mailing list
Aug 20, 2009
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!