Ubuntu Security Notice USN-579-1 February 20, 2008==========20================================================= qt4-x11 vulnerability CVE-2007-5965 ========================================================== A security issue affects the following Ubuntu releases:
Ubuntu 7.10
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 7.10: libqt4-core 4.3.2-0ubuntu3.2
After a standard system upgrade you need to restart applications linked against Qt to effect the necessary changes.
Details follow:
It was discovered that QSslSocket did not properly verify SSL certificates. A remote attacker may be able to trick applications using QSslSocket into accepting invalid SSL certificates.