Plattformen: |
Turbolinux FUJI, Turbolinux 10 Server, Turbolinux 10 Server x64 Edition, Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal, TurboLinux wizpy |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
--------------------------------------------------------------------------
Turbolinux Security Advisory TLSA-2007-30
http://www.turbolinux.co.jp/security/
security-team@turbolinux.co.jp
--------------------------------------------------------------------------
Original released date: 30 May 2007
Last revised: 30 May 2007
Package: qt3
Summary: Remote attackers to conduct cross-site scripting
More information:
Qt is a complete and well-designed multi-platform object-oriented
framework for developing graphical user interface (GUI) applications using C++.
The UTF-8 decoder does not reject long UTF-8 sequences as required by the
standard, which allows remote attackers to conduct cross-site scripting (XSS).
Impact:
These vulnerabilities may allow remote attackers to conduct cross-site scripting.
Affected Products:
- wizpy
- Turbolinux FUJI
- Turbolinux 10 Server x64 Edition
- Turbolinux 10 Server
- Turbolinux Home
- Turbolinux 10 F...
- Turbolinux 10 Desktop
- Turbolinux Multimedia
- Turbolinux Personal
Source Packages
Size: MD5
qt3-3.3.4-15.src.rpm
14666626 9063eeac05009088b88c51dd079f7111
Binary Packages
Size: MD5
qt3-3.3.4-15.i386.rpm
5484270 37bbfb37e293059476e4b0270b89f468
Source Packages
Size: MD5
qt3-3.3.4-15.src.rpm
14666626 8cd492bc6c6ddab7b422e05505e77168
Binary Packages
Size: MD5
qt3-3.3.4-15.i686.rpm
6473161 7d3b4ccd5edd83879be14eb4da7a6d95
qt3-devel-3.3.4-15.i686.rpm
3731720 fad6658678901411d0610888929988fd
qt3-doc-3.3.4-15.i686.rpm
8073294 96bf5ad806b6f0f459144b2b9c83d119
qt3-examples-3.3.4-15.i686.rpm
4005249 87649fdc9af77b407bf9b101b587d81a
qt3-sql-MySQL-3.3.4-15.i686.rpm
32329 25343d46adae98179f66fdffeee94ea9
qt3-sql-ODBC-3.3.4-15.i686.rpm
51265 4e37a8c6dbb5db328af3a42ba35ff5c3
qt3-sql-postgresql-3.3.4-15.i686.rpm
39982 5e2fb1a9aaa160430875a561ecbf9a33
qt3-tools-3.3.4-15.i686.rpm
2120501 4e94276ccffdc69ed7a983a421d7416a
Source Packages
Size: MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/SRPMS/qt3-3.2.3-16.src.rpm
14029902 7b88118a98e049863b1cad36f59f96c9
Binary Packages
Size: MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/qt3-3.2.3-16.x86_64.rpm
5806091 9eda431f38bd31a7d76c3bd083776645
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/qt3-devel-3.2.3-16.x86_64.rpm
3088475 646510f33c8a30a19a34ee227eef003d
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/qt3-tools-3.2.3-16.x86_64.rpm
2047351 1c129b53f957777602ba04e5547fa1a4
Source Packages
Size: MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/SRPMS/qt3-3.2.3-16.src.rpm
14029902 a10e55b47761425a609bc8fe23728dd6
Binary Packages
Size: MD5
qt3-3.2.3-16.i586.rpm
5481646 2e734f70d48deaef927485f17b8bda49
qt3-devel-3.2.3-16.i586.rpm
3021954 0a6f26c773a125dc2f65f8b7ab891acd
qt3-tools-3.2.3-16.i586.rpm
1966388 36b4d6428abb370a13b8d4c4c94d1f5f
Source Packages
Size: MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/SRPMS/qt3-3.2.3-16.src.rpm
14029902 c37790b9c4dbe9bd28830fea60455c89
Binary Packages
Size: MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/qt3-3.2.3-16.i586.rpm
5453301 b99a5ee9f9127c059e6cd9516ef72276
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/qt3-devel-3.2.3-16.i586.rpm
3017176 aea7742bc5a6d9f67993e15350396a6f
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/qt3-tools-3.2.3-16.i586.rpm
1957569 02c2706e841ac61b82c53d3db78b123d
References:
CVE
[CVE-2007-0242]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0242
--------------------------------------------------------------------------
Revision History
30 May 2007 Initial release
--------------------------------------------------------------------------
Copyright(C) 2007 Turbolinux, Inc. All rights reserved.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFGXP8rK0LzjOqIJMwRAuknAJ93p/nuKWIbXhPI9+Y17oGi+6qMHwCfR/S3
UjDxZ9UOngTrQDmg9PI6zfs=
=L2Qp
-----END PGP SIGNATURE-----
|