drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Pufferüberlauf in Qt
Name: |
Pufferüberlauf in Qt |
|
ID: |
FEDORA-2011-17565 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 15 |
|
Datum: |
Mo, 30. Januar 2012, 07:48 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3922 |
|
Applikationen: |
Qt |
|
Originalnachricht |
Name : qt Product : Fedora 15 Version : 4.7.4 Release : 10.fc15 URL : http://www.qtsoftware.com/ Summary : Qt toolkit Description : Qt is a software toolkit for developing applications.
This package contains base tools, like string, xml, and network handling.
------------------------------------------------------------------------------- - Update Information:
This build addresses a security issue:
* CVE-2011-3922 qt: Stack-based buffer overflow in embedded harfbuzz code
as well as includes an upstream patch to address:
* "closed windows stay in the taskbar sometimes, taskbar doesn't react on clicks", http://bugs.kde.org/275469 ------------------------------------------------------------------------------- - ChangeLog:
* Tue Jan 10 2012 Rex Dieter <rdieter@fedoraproject.org> 1:4.7.4-10 - improved filter_event patch (kde#275469) * Mon Jan 9 2012 Than Ngo <than@redhat.com> - 1:4.7.4-9 - bz#772128, CVE-2011-3922, Stack-based buffer overflow in embedded harfbuzz code * Tue Dec 27 2011 Rex Dieter <rdieter@fedoraproject.org> 1:4.7.4-8 - filter event patch, an attempt to avoid "ghost entries in kde taskbar" (kde#275469) * Wed Nov 16 2011 Rex Dieter <rdieter@fedoraproject.org> 1:4.7.4-7 - drop kde-qt 0012 patch, it's broken if not upstream (#704882) * Thu Nov 3 2011 Rex Dieter <rdieter@fedoraproject.org> 1:4.7.4-6 - build declarative/qml with -fno-strict-aliasing (#748936, QTBUG-19736) - build tds sql driver with -fno-strict-aliasing * Fri Oct 28 2011 Rex Dieter <rdieter@fedoraproject.org> 1:4.7.4-5 - crash when using a visual with 24 bits per pixel (QTBUG-21754) * Mon Oct 17 2011 Rex Dieter <rdieter@fedoraproject.org> 1:4.7.4-4 - Qt doesn't close orphaned file descriptors after printing (#746601, QTBUG-14724) - -webkit: Provides: qtwebkit(-devel) * Fri Sep 16 2011 Henrik Nordstrom <henrik@henriknordstrom.net> - 1:4.7.4-3 - Set proper architecture flags for armv7hl and admv7hnl (#744701) - fix ARM Thumb2 build (QTBUG-16402) * Fri Sep 16 2011 Lukas Tinkl <ltinkl@redhat.com> - 1:4.7.4-2 - respun upstream tarball to fix offline HTML docu (https://bugreports.qt.nokia.com/browse/QTBUG-21454) * Thu Sep 1 2011 Rex Dieter <rdieter@fedoraproject.org> 1:4.7.4-1 - 4.7.4 * Sat Aug 27 2011 Than Ngo <than@redhat.com> - 1:4.7.3-9 - drop unused rhel conditional * Sat Jul 23 2011 Rex Dieter <rdieter@fedoraproject.org> 1:4.7.3-8 - fix QMAKE_LIBDIR_QT, for missing QT_SHARED define (#725183) * Thu Jul 7 2011 Rex Dieter <rdieter@fedoraproject.org> 1:4.7.3-7 - Adding qt-sql-ibase driver for qt (#719002) - qvfb subpackage (#718416) * Mon Jun 20 2011 Rex Dieter <rdieter@fedoraproject.org> 1:4.7.3-6 - fontconfig patch respin (#705348, QTBUG-19947) * Mon Jun 20 2011 Rex Dieter <rdieter@fedoraproject.org> 1:4.7.3-5 - updated fontconfig patch (#705348, QTBUG-19947) * Tue Jun 7 2011 Than Ngo <than@redhat.com> - 1:4.7.3-4 - bz#705348, Lohit fonts accidentally disable the bytecode interpreter for Qt * Thu May 19 2011 Rex Dieter <rdieter@fedoraproject.org> 1:4.7.3-3 - omit %{_qt4_plugindir}/designer/libqwebview.so too * Thu May 19 2011 Rex Dieter <rdieter@fedoraproject.org> 1:4.7.3-2 - omit bundled webkit on f16+ (in favor of separately packaged qtwebkit) * Thu May 5 2011 Jaroslav Reznik <jreznik@redhat.com> 1:4.7.3-1 - 4.7.3 * Thu Apr 21 2011 Rex Dieter <rdieter@fedoraproject.org> 1:4.7.2-9 - -webkit-devel: move qt_webkit_version.pri here ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #772128 - CVE-2011-3922 qt: Stack-based buffer overflow in embedded harfbuzz code [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=772128 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update qt' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|