|
|
Subscribe / Log in / New account

Fedora alert FEDORA-2009-11487 (qt)



From:
    	      updates@fedoraproject.org 


To:
    	      fedora-package-announce@redhat.com 


Subject:
    	      [SECURITY] Fedora 12 Update: qt-4.5.3-9.fc12 


Date:
    	      Sat, 14 Nov 2009 03:30:38 +0000


Message-ID:
    	      <20091114033038.51CC510F844@bastion2.fedora.phx.redhat.com>


Archive‑link: 
        	Article


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-11487
2009-11-14 02:52:09
--------------------------------------------------------------------------------

Name        : qt
Product     : Fedora 12
Version     : 4.5.3
Release     : 9.fc12
URL         : http://www.qtsoftware.com/
Summary     : Qt toolkit
Description :
Qt is a software toolkit for developing applications.

This package contains base tools, like string, xml, and network
handling.

--------------------------------------------------------------------------------
Update Information:

A security flaw was found in the WebKit's Cross-Origin Resource Sharing (CORS)
implementation.    Multiple security flaws (integer underflow, invalid pointer
dereference, buffer underflow and a denial of service) were found in the way
WebKit's FTP parser used to process remote FTP directory listings.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Nov 12 2009 Jaroslav Reznik <jreznik@redhat.com> - 4.5.3-9
- CVE-2009-3384 - WebKit, ftp listing handling (#525788)
- CVE-2009-2816 - WebKit, MITM Cross-Origin Resource Sharing (#525789)
* Sun Nov  8 2009 Rex Dieter <rdieter@fedoraproject.org> - 4.5.3-8
- -x11: Requires: %{name}-sqlite(ppc-32)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #525788 - CVE-2009-3384 WebKit, qt: Multiple security issues while handling FTP
directory listings
        https://bugzilla.redhat.com/show_bug.cgi?id=525788
  [ 2 ] Bug #525789 - CVE-2009-2816 WebKit, qt: MITM in the WebKit's Cross-Origin Resource Sharing
(CORS) implementation
        https://bugzilla.redhat.com/show_bug.cgi?id=525789
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update qt' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-ann...
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds