[Qt 3, Qt 4] Potential vulnerability in QUtf8Decoder
Bug #140707 reported by
disabled.user
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
qt-x11-free (Ubuntu) |
Fix Released
|
High
|
Jonathan Riddell | ||
Dapper |
Fix Released
|
High
|
Kees Cook | ||
Edgy |
Fix Released
|
High
|
Kees Cook | ||
Feisty |
Fix Released
|
High
|
Kees Cook | ||
Gutsy |
Fix Released
|
High
|
Jonathan Riddell | ||
qt4-x11 (Ubuntu) |
Fix Released
|
High
|
Jonathan Riddell | ||
Dapper |
Won't Fix
|
Undecided
|
Unassigned | ||
Edgy |
Won't Fix
|
Undecided
|
Unassigned | ||
Feisty |
Won't Fix
|
Undecided
|
Unassigned | ||
Gutsy |
Fix Released
|
High
|
Jonathan Riddell |
Bug Description
Quote:
"Qt 3 and Qt 4 have a potential vulnerability in QUtf8Decoder, which might cause a one-byte buffer overflow. This problem is not exploitable in Qt 4. To solve the issue, apply the following patches for Qt 3 and Qt 4. The next maintenance release of Qt 4 will have the patch included.
[...]
Thanks to Dirk Mueller of KDE for reporting this vulnerability."
References:
http://
Patches:
http://
http://
CVE References
Changed in qt-x11-free: | |
assignee: | keescook → jr |
status: | Fix Committed → Triaged |
assignee: | nobody → keescook |
status: | New → Fix Committed |
assignee: | nobody → keescook |
status: | New → Fix Committed |
assignee: | nobody → keescook |
status: | New → Fix Committed |
Changed in qt-x11-free: | |
status: | Triaged → Fix Released |
Changed in qt4-x11: | |
status: | Triaged → Fix Released |
To post a comment you must log in.
Thanks, this is in progress.