Ubuntu
qtcreator package

CVE-2010-3374: insecure library loading

Bug #649991 reported by Felix Geyer on 2010-09-28

260

This bug affects 1 person

	Status	Importance	Assigned to
qtcreator (Debian)	Fix Released	Unknown	debbugs #598300
qtcreator (Ubuntu)	Fix Released	Undecided	Unassigned
Karmic	Fix Released	Undecided	Unassigned
Lucid	Fix Released	Undecided	Unassigned

Bug Description

Binary package hint: qtcreator

From http://qt.nokia.com/about/news/security-announcement-qt-creator-2.0.0-for-desktop-platforms
> A vulnerability has been found in Qt Creator 2.0.0
> and previous versions. The vulnerability occurs because
> of an insecure manipulation of a Unix environment variable
> by the "qtcreator" shell script. It manifests by causing Qt or
> Qt Creator to attempt to load certain library names from the
> current working directory.

This is fixed by the following upstream commit:
http://qt.gitorious.org/qt-creator/qt-creator/commit/3c00715c8e90c57953ec4a8716110f6954e524e4

Related branches

lp:ubuntu/karmic-security/qtcreator

lp:ubuntu/lucid-security/qtcreator

CVE References

2010-3374

Felix Geyer (debfx) on 2010-09-28

visibility:

private → public

Revision history for this message

Felix Geyer (debfx) wrote on 2010-09-28:

qtcreator_1.2.1-3ubuntu1.1.debdiff Edit (1.1 KiB, text/plain)

qtcreator (1.2.1-3ubuntu1.1) karmic-security; urgency=low

  * SECURITY UPDATE: insecure library loading (LP: #649991)
    - bin/qtcreator: don't add an empty element to LD_LIBRARY_PATH,
      based on patch from upstream.
    - http://qt.gitorious.org/qt-creator/qt-creator/commit/3c00715c8e90c57953ec4a8716110f6954e524e4
    - CVE-2010-3374

-- Felix Geyer <email address hidden> Tue, 28 Sep 2010 18:30:43 +0200

Revision history for this message

Felix Geyer (debfx) wrote on 2010-09-28:

qtcreator_1.3.1-1ubuntu1.1.debdiff Edit (1.1 KiB, text/plain)

qtcreator (1.3.1-1ubuntu1.1) lucid-security; urgency=low

-- Felix Geyer <email address hidden> Tue, 28 Sep 2010 18:14:48 +0200

Revision history for this message

Felix Geyer (debfx) wrote on 2010-09-28:

I have tested both packages: they build fine and set the LD_LIBRARY_PATH variable correctly (don't add a ":" at the end when LD_LIBRARY_PATH was empty).

Maverick is not affected as it has QtCreator 2.0.1.

Felix Geyer (debfx) on 2010-09-29

Changed in qtcreator (Ubuntu Karmic):
status:	New → Confirmed
Changed in qtcreator (Ubuntu Lucid):
status:	New → Confirmed

Felix Geyer (debfx) on 2010-09-29

Changed in qtcreator (Ubuntu):
status:	New → Invalid

Artur Rona (ari-tczew) on 2010-09-29

Changed in qtcreator (Ubuntu):
status:	Invalid → Fix Released

Revision history for this message

Kees Cook (kees) wrote on 2010-09-30:

Thanks! I'll get these uploaded shortly.

Changed in qtcreator (Ubuntu Karmic):
status:	Confirmed → In Progress
Changed in qtcreator (Ubuntu Lucid):
status:	Confirmed → In Progress

Revision history for this message

Launchpad Janitor (janitor) wrote on 2010-09-30:

This bug was fixed in the package qtcreator - 1.3.1-1ubuntu1.1

---------------
qtcreator (1.3.1-1ubuntu1.1) lucid-security; urgency=low

Revision history for this message

Launchpad Janitor (janitor) wrote on 2010-09-30:

This bug was fixed in the package qtcreator - 1.2.1-3ubuntu1.1

---------------
qtcreator (1.2.1-3ubuntu1.1) karmic-security; urgency=low

Changed in qtcreator (Ubuntu Karmic):
status:	In Progress → Fix Released
Changed in qtcreator (Ubuntu Lucid):
status:	In Progress → Fix Released

Bug Watch Updater (bug-watch-updater) on 2010-10-12

Changed in qtcreator (Debian):
status:	Unknown → Fix Released

Report a bug

This report contains Public Security information

Everyone can see this security related information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Patches

Add patch

Remote bug watches

debbugs #598300
[done grave security] Edit

Bug watches keep track of this bug in other bug trackers.

Ubuntuqtcreator package

CVE-2010-3374: insecure library loading

Bug Description

Related branches

CVE References

Other bug subscribers

Patches

Remote bug watches

Ubuntu
qtcreator package