[Qt 3, Qt 4] Potential vulnerability in QUtf8Decoder
Bug #140707 reported by
disabled.user
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| qt-x11-free (Ubuntu) |
Fix Released
|
High
|
Jonathan Riddell | ||
| Dapper |
Fix Released
|
High
|
Kees Cook | ||
| Edgy |
Fix Released
|
High
|
Kees Cook | ||
| Feisty |
Fix Released
|
High
|
Kees Cook | ||
| Gutsy |
Fix Released
|
High
|
Jonathan Riddell | ||
| qt4-x11 (Ubuntu) |
Fix Released
|
High
|
Jonathan Riddell | ||
| Dapper |
Won't Fix
|
Undecided
|
Unassigned | ||
| Edgy |
Won't Fix
|
Undecided
|
Unassigned | ||
| Feisty |
Won't Fix
|
Undecided
|
Unassigned | ||
| Gutsy |
Fix Released
|
High
|
Jonathan Riddell | ||
Bug Description
Quote:
"Qt 3 and Qt 4 have a potential vulnerability in QUtf8Decoder, which might cause a one-byte buffer overflow. This problem is not exploitable in Qt 4. To solve the issue, apply the following patches for Qt 3 and Qt 4. The next maintenance release of Qt 4 will have the patch included.
[...]
Thanks to Dirk Mueller of KDE for reporting this vulnerability."
References:
http://
Patches:
http://
http://
CVE References
Revision history for this message
| disabled.user (disabled.user-deactivatedaccount) wrote | #1 |
Revision history for this message
| disabled.user (disabled.user-deactivatedaccount) wrote | #2 |
Revision history for this message
| Kees Cook (kees) wrote | #3 |
| Changed in qt-x11-free: | |
| assignee: | keescook → jr |
| status: | Fix Committed → Triaged |
| assignee: | nobody → keescook |
| status: | New → Fix Committed |
| assignee: | nobody → keescook |
| status: | New → Fix Committed |
| assignee: | nobody → keescook |
| status: | New → Fix Committed |
Revision history for this message
| Kees Cook (kees) wrote | #4 |
| Changed in qt4-x11: | |
| assignee: | nobody → jr |
| importance: | Undecided → Medium |
| status: | New → Triaged |
| status: | New → Won't Fix |
| status: | New → Won't Fix |
| status: | New → Won't Fix |
| Changed in qt-x11-free: | |
| importance: | Undecided → High |
| Changed in qt4-x11: | |
| importance: | Medium → High |
| Changed in qt-x11-free: | |
| status: | Fix Committed → Fix Released |
| status: | Fix Committed → Fix Released |
Revision history for this message
| Kees Cook (kees) wrote | #5 |
| Changed in qt-x11-free: | |
| status: | Fix Committed → Fix Released |
| importance: | Undecided → High |
| importance: | Undecided → High |
| importance: | Undecided → High |
| Changed in qt-x11-free: | |
| status: | Triaged → Fix Released |
| Changed in qt4-x11: | |
| status: | Triaged → Fix Released |
To post a comment you must log in.
Thanks, this is in progress.