This bug was fixed in the package qt4-x11 - 4.3.2-0ubuntu3.2
---------------
qt4-x11 (4.3.2-0ubuntu3.2) gutsy-security; urgency=low
* SECURITY UPDATE: a potential vulnerability in QSslSocket, which
might cause a certificate verification in SSL connections not to
be performed. As a consequence, code using QSslSocket might be
misled into thinking the certificate was verified correctly when
it actually failed in one or more criteria.
* Added kubuntu_02_qsslsocket_verification.dpatch from
http://www.trolltech.com/developer/download/190133.patch: ensure
certificates are verified. (Fixes LP: #191218)
* References
http://trolltech.com/company/newsroom/announcements/press.2007-12-21.2182567220
CVE-2007-5965
-- Jonathan Riddell <[EMAIL PROTECTED]> Wed, 20 Feb 2008 00:26:45
+0000
** Changed in: qt4-x11 (Ubuntu Gutsy)
Status: New => Fix Released
--
[qt4] [CVE-2007-5965] error in handling certificate verification in SSL
connections
https://bugs.launchpad.net/bugs/191218
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
