FLEA-2007-0059-1 qt qt-tools

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Foresight Linux Essential Advisory: 2007-0059-1 Published: 2007-10-04

Rating: Minor

Updated Versions:

    qt=/conary.rpath.com@rpl:devel//foresight.rpath.or@fl:1-devel//1/3.3.8_r653471-0.6-1
    qt-tools=/conary.rpath.com@rpl:devel//foresight.rpath.or@fl:1-devel//1/3.3.8_r653471-0.6-1
    group-dist=/foresight.rpath.org@fl:1-devel//1/1.4.0-0.5-11

References:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4137

Description:

    Previous version of the qt package are vulnerable to a Denial     of Service attack in which a maliciously crafted Unicode string may     cause a heap-based buffer overflow in applications that use the Qt     libraries.

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

    Note that while Foresight ships qt for compatibility with third-party     applications, Foresight Linux does not include any components which use qt,     so a default install is not exposed to this issue.

• ---

Copyright 2007 Foresight Linux Project
This file is distributed under the terms of the MIT License. A copy is available at http://www.foresightlinux.org/permanent/mit-license.html
-----BEGIN PGP SIGNATURE-----

Version: GnuPG v2.0.4 (GNU/Linux)

iQIVAwUBRwTUodfwEn07iAtZAQKhsw//fUjnNU8FrrYCwKehylypTlJU3jSeGLIF rCFxrpHvvz4wPhLhbhrFlobslnzYXAFmMt/ah0T+rPzCfT1f6S4aPEAWyDmkhcDv gGZVI9L7YqlCEUJPWk/kuXiZ5rwQ3Jf6/jgqUNGRtvBsLwOMCKhzqsu4Zs1nXkFs /RgMhQTgExh5rPq+ZxupL+LMf9wSaj1SfQw4zs8E5PygoWpEcv1JWb8HvmFQCWrb m6CW8xlHG1TzO6P5YsjhQeYuNX0zBazXb3s+sPTTdKk+GUfdjqjl2L24qYQ7+XWe EA3sma+SIEOr/XQ9Tg0ikrEvzjgniPYDI5q02d6nCk60No5GX4Va0RnMclvKIQ6t 0zwnRAT3fbVY2M9h11NJx/vef+rKeJDNrJMjTQODQ+kEXfgu73W/Nd1auvpRY9Gf E7H/mCSN3ErVGAd0yDbrPr86+umtbe1gqArsxrDNWt3zR2LHrkd8Sh2PtiJE6Bq4 U5wAHt52GCl6Ns1xIofiyHTu9IsQTCDAVKpCf+VubKtqiGhT/RK+tgDp3vyDSfYN sFBMrprzRFRe9JBuVQbYoYxg4loSJLDNvmTNCnVcRSZM05H3JsTqrujMAL/8gqZc HFQt3gAulzDige/pZy8J4Ce2ARe3/LmcM7QYKRFGqlZz/Rtt7cpp5bO8c9CSjrHY xg9Pi8Mg5zQ=
=7RPw
-----END PGP SIGNATURE-----
Received on Thu Oct 4 12:46:37 2007