[Qt 3, Qt 4] Potential vulnerability in QUtf8Decoder

Bug #140707 reported by disabled.user on 2007-09-18
254
Affects Status Importance Assigned to Milestone
qt-x11-free (Ubuntu)
High
Jonathan Riddell
Dapper
High
Kees Cook
Edgy
High
Kees Cook
Feisty
High
Kees Cook
Gutsy
High
Jonathan Riddell
qt4-x11 (Ubuntu)
High
Jonathan Riddell
Dapper
Undecided
Unassigned
Edgy
Undecided
Unassigned
Feisty
Undecided
Unassigned
Gutsy
High
Jonathan Riddell

Bug Description

Quote:
"Qt 3 and Qt 4 have a potential vulnerability in QUtf8Decoder, which might cause a one-byte buffer overflow. This problem is not exploitable in Qt 4. To solve the issue, apply the following patches for Qt 3 and Qt 4. The next maintenance release of Qt 4 will have the patch included.
[...]
Thanks to Dirk Mueller of KDE for reporting this vulnerability."

References:
http://trolltech.com/company/newsroom/announcements/press.2007-09-03.7564032119

Patches:
http://www.trolltech.com/developer/download/175791_3.diff [Qt 3]
http://www.trolltech.com/developer/download/175791_4.diff [Qt 4]

CVE References

Kees Cook (kees) wrote :

Thanks, this is in progress.

Kees Cook (kees) on 2007-09-18
Changed in qt-x11-free:
assignee: keescook → jr
status: Fix Committed → Triaged
assignee: nobody → keescook
status: New → Fix Committed
assignee: nobody → keescook
status: New → Fix Committed
assignee: nobody → keescook
status: New → Fix Committed
Kees Cook (kees) wrote :

Qt4 is not vulnerable in Dapper, Edgy, Feisty.

Changed in qt4-x11:
assignee: nobody → jr
importance: Undecided → Medium
status: New → Triaged
status: New → Won't Fix
status: New → Won't Fix
status: New → Won't Fix
Changed in qt-x11-free:
importance: Undecided → High
Changed in qt4-x11:
importance: Medium → High
Changed in qt-x11-free:
status: Fix Committed → Fix Released
status: Fix Committed → Fix Released
Kees Cook (kees) wrote :

Dapper, Edgy, Feisty qt-x11-free updated with USN-513-1: http://www.ubuntu.com/usn/usn-513-1

Changed in qt-x11-free:
status: Fix Committed → Fix Released
importance: Undecided → High
importance: Undecided → High
importance: Undecided → High
Kees Cook (kees) on 2007-10-03
Changed in qt-x11-free:
status: Triaged → Fix Released
Changed in qt4-x11:
status: Triaged → Fix Released
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers