Git-Url: http://git.frugalware.org/gitweb/gitweb.cgi?p=homepage-ng.git;a=commitdiff;h=333d035bc427bc301220696a631e501aca4ebfcc
commit 333d035bc427bc301220696a631e501aca4ebfcc Author: VMiklos <[EMAIL PROTECTED]> Date: Sun Sep 23 13:47:27 2007 +0200 FSA276-qt diff --git a/frugalware/xml/security.xml b/frugalware/xml/security.xml index 2427563..db0cebb 100644 --- a/frugalware/xml/security.xml +++ b/frugalware/xml/security.xml @@ -27,6 +27,18 @@ <fsas> <fsa> + <id>276</id> + <date>2007-09-23</date> + <author>vmiklos</author> + <package>qt</package> + <vulnerable>3.3.7-5terminus1</vulnerable> + <unaffected>3.3.7-5terminus2</unaffected> + <bts>http://bugs.frugalware.org/task/2414</bts> + <cve>http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4137</cve> + <desc>A vulnerability has been reported in Qt, which can potentially be exploited by malicious people to cause a DoS (Denial of Service) or to compromise an application using the library. + The vulnerability is caused due to an off-by-one error within the "QUtf8Decoder::toUnicode()" function ("QUtf8Codec::convertToUnicode()" in Qt 4.x) in codecs/qutfcodec.cpp. This can be exploited to cause a one-byte heap-based buffer overflow via a specially crafted unicode string.</desc> + </fsa> + <fsa> <id>275</id> <date>2007-09-18</date> <author>voroskoi</author> _______________________________________________ Frugalware-git mailing list [email protected] http://frugalware.org/mailman/listinfo/frugalware-git
