Fedora alert FEDORA-2010-11011 (qt)
| From: | updates@fedoraproject.org | |
| To: | package-announce@lists.fedoraproject.org | |
| Subject: | [SECURITY] Fedora 13 Update: qt-4.6.3-8.fc13 | |
| Date: | Tue, 13 Jul 2010 07:40:16 +0000 | |
| Message-ID: | <20100713074017.059E31111B3@bastion02.phx2.fedoraproject.org> | |
| Archive‑link: | Article |
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-11011 2010-07-13 06:44:35 -------------------------------------------------------------------------------- Name : qt Product : Fedora 13 Version : 4.6.3 Release : 8.fc13 URL : http://www.qtsoftware.com/ Summary : Qt toolkit Description : Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling. -------------------------------------------------------------------------------- Update Information: This is an update to the latest stable bugfix qt release, including several security fixes related to qtwebkit. For details see also: http://qt.nokia.com/about/news/nokia-releases-qt-4.6.3 http://qt.nokia.com/developer/changes/changes-4.6.3 -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 1 2010 Kevin Kofler <Kevin@tigcc.ticalc.org> - 4.6.3-8 - use find_lang to package the qm files (#609749) - put the qm files into the correct subpackages - remove qvfb translations, we don't ship qvfb * Tue Jun 29 2010 Rex Dieter <rdieter@fedoraproject.org> - 4.6.3-7 - workaround glib_eventloop crasher induced by gdal/grass (bug #498111) * Sun Jun 20 2010 Rex Dieter <rdieter@fedoraproject.org> - 4.6.3-5 - avoid timestamps in uic-generated files to be multilib-friendly * Fri Jun 18 2010 Rex Dieter <rdieter@fedoraproject.org> - 4.6.3-4 - QtWebKit does not search correct plugin path(s) (#568860) - QtWebKit browsers crash with flash-plugin (rh#605677,webkit#40567) * Tue Jun 15 2010 Jaroslav Reznik <jreznik@redhat.com> - 4.6.3-3 - WebKit security update: CVE-2010-1119, CVE-2010-1400, CVE-2010-1778 * Fri Jun 11 2010 Jaroslav Reznik <jreznik@redhat.com> - 4.6.3-2 - WebKit security update: CVE-2010-1303_1304, CVE-2010-1392, CVE-2010-1396, CVE-2010-1397, CVE-2010-1398, CVE-2010-1412, CVE-2010-1770, CVE-2010-1773, CVE-2010-1774 * Tue Jun 8 2010 Than Ngo <than@redhat.com> - 4.6.3-1 - 4.6.3 * Thu May 27 2010 Rex Dieter <rdieter@fedoraproject.org> - 4.6.2-20 - Unsafe use of rand() in X11 (QTBUG-9793) * Mon May 17 2010 Rex Dieter <rdieter@fedoraproject.org> - 4.6.2-19 - support QT_GRAPHICSSYSTEM env * Thu May 6 2010 Rex Dieter <rdieter@fedoraproject.org> - 4.6.2-18 - +Provides: qt4-webkit(-devel) * Thu May 6 2010 Than Ngo <than@redhat.com> - 4.6.2-17 - bz#589169, fix multiple flaws in webkit CVE-2010-0047, CVE-2010-0648, CVE-2010-0656 -------------------------------------------------------------------------------- References: [ 1 ] Bug #525791 - CVE-2009-2841 WebKit, qt: Unallowed sub-resources loading in the media element handling code https://bugzilla.redhat.com/show_bug.cgi?id=525791 [ 2 ] Bug #596494 - CVE-2010-1766 WebKit: off-by-one memory corruption flaw WebSocketHandshake::readServerHandshake() https://bugzilla.redhat.com/show_bug.cgi?id=596494 [ 3 ] Bug #596498 - CVE-2010-1772 WebKit: use-after-free vulnerability in handling of geolocation events https://bugzilla.redhat.com/show_bug.cgi?id=596498 [ 4 ] Bug #596500 - CVE-2010-1773 WebKit: off-by-one memory read out of bounds vulnerability in handling of HTML lists https://bugzilla.redhat.com/show_bug.cgi?id=596500 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update qt' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-...